Oauth2
No edit summary
No edit summary
Line 1: Line 1:
=Client credentials grant flow=
'''Server to server authentication''' using Oauth2 and the [https://tools.ietf.org/html/rfc6749#section-4.4 Client credentials grant flow] may be supported using these steps. Other flows may of course also be supported in a similar flow. User-authentication using Oauth2 and OpendId is described [[Openid|here]]
'''Server to server authentication''' using Oauth2 and the [https://tools.ietf.org/html/rfc6749#section-4.4 Client credentials grant flow] may be supported using these steps. Other flows may of course also be supported in a similar flow. User-authentication using Oauth2 and OpendId is described [[Openid|here]]



Revision as of 15:09, 10 March 2019

Client credentials grant flow

Server to server authentication using Oauth2 and the Client credentials grant flow may be supported using these steps. Other flows may of course also be supported in a similar flow. User-authentication using Oauth2 and OpendId is described here

1. Set up the call to obtain the "token" using the client secret, storing the result in transient classes as shown to the right

GetTokenOauth2.PNG

TokenModel.PNG

2. Set up a server-side view model to refresh the token before expiry, using criterias (as an example) as shown below.

OauthSSCriteria.PNG

2. Pass the "token" in all subsequent calls.

Oauth2Call.PNG


Please note that eventough Oauth2 is a standard, the naming conventions of all parameters may differ, these names worked using a Indentity Server 4

This page was edited more than 11 months ago on 02/10/2024. What links here