Questions tagged [oauth-2.0]

OAuth (Open Authorization) is an open protocol framework to allow secure API authorization in a simple and standardized way for desktop, mobile and web applications. OAuth 2.0 is the second version of the OAuth protocol.

0
votes
1answer
7 views

How do I get different AUTH headers for different collections in Postman?

I'm using PostMan to test my REST API. Sometimes I want to test my Production environment, sometimes I want to test by Development environment. Both are authorized by different OAUTH 2.0 authorities....
0
votes
0answers
12 views

Jenkins groovy not able to clone gitlab repo using oauth token over https port

Unable to checkout code from gitlab via jenkins groovy using oauth2 token over https. Cloning works on git cli using the same oauth token. But Iam not able to invoke the working GitLab connections ...
0
votes
1answer
28 views

Is there any way to get a Bearer token now, since Robinhood has changed the API again?

We keep playing this cat and mouse game with Robinhood.com. I have a trading app which used to trade stocks with Robinhood, but they keep changing the unsupported unofficial API to make it difficult ...
0
votes
0answers
7 views

How to Integrate Oauth2.0 in apache archive

I want to integrate the OAuth with archiva . google account login into archiva.
0
votes
0answers
8 views

How do you enforce secure storage of Access Token by your Partner?

In an Open API world, Tokens are the door key (issued to anyone with a valid Client Id and Secret). Tokens allow anybody who has them to access a resource. As such, they are as critical as passwords. ...
0
votes
0answers
12 views

oauth2 - principal is null with client_credentials Flow using Spring Boot

Principal is null with client_credentials oauth2 Flow using Spring Boot. authorization server to generate token resource server to protect my url with the given token pom.xml: <project xmlns="...
0
votes
0answers
7 views

Kong API Gateway + custom authentication + generating and store access tokens in Kong

I am trying to implement Kong API Gateway with client_credentails flow. I have a custom auth service that takes care of authentication of clients. I would like Kong to be responsible for issuing the ...
0
votes
0answers
7 views

JasperReports Server authentication: Cannot find class

I want to use authentication Oauth2.0 with jasper server v7.1.1 follow this Configuring: https://community.jaspersoft.com/wiki/configuring-oauth-20-tibco-jasperreports-server-v61#...
-1
votes
0answers
16 views

is it possible to customize auth flow for oauth2 in spring security? [on hold]

I'm creating an auth server. Here is what the flow is supposed to be like. When a user submits just his username, the server returns an encoded password, if the username exists. The user then decodes ...
0
votes
0answers
12 views

Ask for email without generating new access token

In my web application, when user presses login button, I want to let him select an email, then check if I have a refresh token(for the scopes I need) in my database for this email, and if I have a ...
1
vote
0answers
19 views

GoogleDrive API service on IIS 7

I am using Google Drive API service to access my files and upload new files on the google drive, i have setup the new project in Google console and setup OATH Consent and Client ID. Authentication of ...
-1
votes
0answers
10 views

Getting error “Insufficient session information for single sign on” on requesting a new token after token expiration [on hold]

I am trying to make a request with prompt=none for getting the new access token, but getting an error "Insufficient session information for single sign-on."
0
votes
1answer
10 views

Add http://192.168.64.2:8000 domain for Authorized redirect URIs

I am trying to add google Authorized redirect URIs I have added two domain for locally test http://127.0.0.1:8000/app/oauth/complete/google-oauth2/ and http://localhost:8000/app/oauth/complete/...
0
votes
0answers
26 views

Why does Jhipster gateway forward request without access token to microservice api?

I have generated a microservice application using Jhipster. I have also generated a Eureka registry, Zuul gateway and UAA server for authentication (using Oauth2). I would like to use authentication ...
0
votes
1answer
16 views

JPA TokenStore implementation for OAuth with Spring Boot 2 [duplicate]

I'm setting up an OAuth 2 authorization server with Spring Boot 2. Examples and existing implementations are all using JdbcTokenStore which takes a DataSource. I think this is painful and I'm having ...
0
votes
0answers
15 views

Yahoo OAuth2 Gives Invalid Authorization Header

I started with https://github.com/funador/react-auth-client and https://github.com/funador/react-auth-server. I have been able to get google and github oauth logins to work (I removed facebook and ...
0
votes
0answers
29 views

oauth making testing impossible

We just got code flow working with IdentityServer4 and angular-auth-oidc-client. We have the following setup on one of our APIs. var guestPolicy = new AuthorizationPolicyBuilder() ....
0
votes
0answers
10 views

Google Calendar needs constant reauthorization

I’ve been playing around with the Google Calendar API and have set up a basic CLI to list events as detailed here: https://developers.google.com/calendar/quickstart/php However, after an hour or so ...
0
votes
2answers
46 views

Any worked example how to set up an oauth2 authorization server with a login form and a github?

I'm trying to set up an authorization server using spring boot. This server should be able to authorize the user using the login / password form and using the github (as example). I hope the image ...
1
vote
2answers
28 views

Why JWT is a stateless authentication?

I am trying to understand how JWT authentication is stateless. In stateful authentication, there will be a session id. Here there is a JWT token which is signed. So the authentication server issues ...
0
votes
1answer
18 views

I am getting “Full authentication is required to access this resource” response from Spring boot security setup

I am building simple password grant type with in memory authorization server for demo purpose, and later on to integrate with my existing web application. Not sure is there any configuration I am ...
0
votes
0answers
6 views

Social Media Authentication: Best practice for authorisation/verification?

To explain the problem; lets assume an example of an application which has 'Login with facebook' as a signup/signin method integrated. Client authenticates the user and gets a access_token (Valid for ...
0
votes
1answer
23 views

Using ASWebAuthenticationSession to connect to Strava account fails

I have trouble using the new ASWebAuthenticationSession class that is used for the OAuth2 process in iOS applications. I want to use this class to connect my app with my Strava account. I have the ...
1
vote
1answer
31 views

Azure AD B2C Open ID Connectivity Vs OAuth 2.0

On this Microsoft documentation on Azure AD B2C, I read OpenID Connect is recommended if you're building a web application that's hosted on a server and accessed through a browser. If you want to ...
0
votes
0answers
13 views

login.microsoftonline.com: Name or service not known

I am trying to get token using authorization code from office-365 using Microsoft Graph API. The code i have written that successfully worked in local tomcat server but when i deployed the same code ...
0
votes
0answers
9 views

'Viewer/Actor is unauthorized' response with Linkedin v2 API request to likes endpoint?

I am performing the following request with my Postman client to like a share/comment on Linkedin using the v2 OAuth 2.0 API for Linkedin. This is based on the Linkedin API documentation on the ...
-1
votes
0answers
15 views

linkedIn - it was not possible to access the API call: it was returned an unexpected response status 401 Response [on hold]

I was try to implement login with linked in php using oauth2 . I got error :Empty oauth2 access token , i'm understand how to solve it it was not possible to access the API call: it was returned an ...
0
votes
0answers
17 views

spring security Authentication and resource server seprated check_token is not sending authorization header (outh2 jwt spring boot, zuul)

problem resource server making request for check_token its not passing authorization token which is implemented by spring security. how we can pass authorization token for /check_token endpoint? I ...
0
votes
0answers
16 views

AWS Cognito and Server to Server token exchange

We have two use cases which require exchanging third party IdP OpenID Connect token for a CUP token. User logs into third party mobile app, then accesses our AWS resource Third party server with ...
0
votes
1answer
14 views

Is there a way to save Data Factory web activity output to a file or database table?

I am hitting an issue in Data factory when connecting to oauth 2 rest api, where I don’t seem to be able to find a way to save the web activity output to a file or database table, so then other ...
0
votes
0answers
18 views

Grant a Keycloak client service account permissions to create realm users without using the broad manage-users role

I have a web application that is leveraging Keycloak for IdM. I am using the Resource Owner Password Credentials or Direct Grant flow for authentication which uses REST API calls to /auth/realms/{...
0
votes
1answer
22 views

ASP.NET core 2 how to skip identity association form?

I have simple ASP.NET app and I'm trying to allow users to login using external auth providers. So far I have managed to implement google auth, however, after logging in a user is required to confirm ...
0
votes
1answer
26 views

Discord API tells me: “401: Unauthorized” when i make a GET with Google-Scripts: “UrlFetchApp.fetch()”

I'm setting up a api connection. I want to get informations from discord api for my app. So I implemented OAuth2 without any problems, I have my access token. Then I tried query some endpoints (/...
0
votes
0answers
10 views

Using OAuth2 Gmail tokens to access protected sources

I'm having trouble figuring out how to use the tokens I got to create a new OAuth2 session and access the Gmail API. I created an app that uses the Gmail API. After the Oauth approval flow I save for ...
0
votes
0answers
29 views

How easier is it to implement user authentication on an authorized client? [on hold]

Actually, the question is, how is it right / easier / faster to organize and implement this task - simultaneous "double" authorization of the user and the client he uses to access the API Node.js ...
0
votes
0answers
7 views

How to obtain Refresh Token OAuth2 in PayPal using .NET SDK

I want to generate a Refresh Token for PayPal and use that Refresh Token to generate new Access Tokens. However, nothing I've implemented so far works and the PayPal documentation is not that great. ...
1
vote
1answer
20 views

How to authenticate using OpenID in Tornado?

I'm using Tornado web server for a simple web application, and want to authenticate the user using OpenID. I'm new to Tornado, and I managed to work it using Node.js' Passport package (was testing on ...
0
votes
0answers
16 views

CAS OAuth2.0 grant_type - password server returns empty user's profile

In soft Apereo - CAS (version 5.3.8) server returns empty user's profile after authentication. Grant type - password massage from server { "attributes": {}, "id": "clientid" } service ...
0
votes
0answers
26 views

Refresh a OAuth2Session without a refresh_token

A provider offers a new OAuth2 based API which I am integrating in a Django application. I am stuck at the token_expired error which will raise after e few minutes. In the documentation there are ...
1
vote
1answer
30 views

OAuth 2.0 not getting authorized

I'm writing a console application in C# which should connect to a website that uses OAuth 2.0. I'm using the following code : var client = new RestClient(new Uri(BaseUri, "api/oauth2/Token")); var ...
1
vote
0answers
24 views

invalid_token:Cannot convert access token to JSON

I get error while refreshing the token(grant_type=refresh_token). It seems that user did not use the application for long time and both access token as well as refresh token expired. When app now ...
0
votes
1answer
19 views

How to consume a web api with oauth2 authorization using ASP.net MVC?

I've been looking for ways of how to consume a web api with an oauth2 authorization using ASP.Net MVC. Any suggestions? I have already tried sending a request to the web api and recieve a response. ...
0
votes
0answers
29 views

I am getting OAuth2 server connection error few times in Laravel framework

I am using Laravel framework for my application. Every day few times it is throwing the OAuth2 authentication error and it says "The user credentials were incorrect" but after sometime automatically ...
0
votes
0answers
23 views

Deploying a server with default configured client [on hold]

I am developing a asp net core server and a client (possibly also an asp core server based website) which other people can install themself. The server is publicly available but as an area protrcted ...
0
votes
0answers
7 views

spring-cloud-gateway global filter to extract security info from an access token and relay it to downstream services

I have been using the spring-cloud-gateway as a ResourceServer and for a specific implementation,want to extract some information like say, roles of the user,from the JWT access token it receives to ...
0
votes
0answers
15 views

Browser Cache through Browser History

Is it possible to access browser cache by navigating through browser history? any token stored in browser cache can be exploited through history or any other mechanism?
0
votes
0answers
7 views

box .net sdk. Use refresh token to get access token

I'm looking for a sample that shows how with the .NET SDK if you have a valid refresh token..how you might get an access token from it. I assume a new refresh token would come with that. But I'm not ...
0
votes
0answers
7 views

OAuth2 and keeping track of devices

I am looking to implement a security measure for a customer to be able to view a list of devices they are logged in with and deactivate those sessions akin to what iCloud, Facebook, and Google provide....
0
votes
0answers
13 views

Laravel passport grant type middleware

I have a working question about laravel and passport ... It is almost a doubt about implementation the grant's types available ='( Knowing that everything is working ... I have the following ...
0
votes
1answer
9 views

How to properly implement user authentication and authorization (FirebaseAuth with NodeJS backend)

I'm creating an app using firebase authentication and I'm still new to authentication and authorization. What I have already done is implement firebase authentication in the front end, when a user ...

http://mssss.yulina-kosm.ru