Oauth2

Revision as of 06:50, 13 March 2023

Client Credentials Grant Flow

Server-to-server authentication using Oauth2 and the Client credentials grant flow may be supported using these steps. Other flows may also be supported in a similar flow. User-authentication using Oauth2 and OpendId is described here.

1. Set up the call to obtain the "token" using the client secret, storing the result in transient classes as shown on the right:

2. Set up a server-side ViewModel to refresh the token before expiry, using criterias (as an example) as shown below.

2. Pass the "token" in all subsequent calls.

Please note that even though Oauth2 is standard, the naming conventions of all parameters may differ - these names worked using an Identity Server 4.

This page was edited more than 11 months ago on 02/10/2024. What links here

@@ Line 1: / Line 1: @@
-=Client credentials grant flow=
+=Client Credentials Grant Flow=
-'''Server to server authentication''' using Oauth2 and the [https://tools.ietf.org/html/rfc6749#section-4.4 Client credentials grant flow] may be supported using these steps. Other flows may of course also be supported in a similar flow. User-authentication using Oauth2 and OpendId is described [[Openid|here]]
+'''Server-to-server authentication''' using Oauth2 and the [https://tools.ietf.org/html/rfc6749#section-4.4 Client credentials grant flow] may be supported using these steps. Other flows may also be supported in a similar flow. User-authentication using Oauth2 and OpendId is described [[Openid|here.]]
-. Set up the call to obtain the "token" using the client secret, storing the result in transient classes as shown to the right
+. Set up the call to obtain the "token" using the client secret, storing the result in transient classes as shown on the right:
 [[File:GetTokenOauth2.PNG]]
@@ Line 9: / Line 9: @@
 [[File:TokenModel.PNG|thumb|right]]
-. Set up a server-side view model to refresh the token before expiry, using criterias (as an example) as shown below.
+. Set up a server-side ViewModel to refresh the token before expiry, using criterias (as an example) as shown below.
 [[File:OauthSSCriteria.PNG]]
@@ Line 18: / Line 18: @@
-'''Please note that eventough Oauth2 is a standard, the naming conventions of all parameters may differ, these names worked using a Identity Server 4'''
+'''Please note that even though Oauth2 is standard, the naming conventions of all parameters may differ - these names worked using an Identity Server 4.'''
 [[Category:Authentication]]