oauth-2.0 Questions
1
I'm trying to authenticate against the Microsoft https://login.microsoftonline.com/oauth2/v2.0/authorize endpoint with enforcing MFA. Following the documentation this is done by adding the &amr...
Archive asked 23/9, 2021 at 20:11
3
Solved
I've previously been using the validate-jwt policy successfully in a lot of projects. I would like to try out the new validate-azure-ad-token policy instead.
I changed one of my policies from:
<...
Claver asked 9/12, 2022 at 8:18
2
Solved
I am currently trying to implement Oauth2.0 to protect API using below documentation
https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
And curre...
2
Solved
I'm trying to set up Google OAuth with my iOS app and Rails web app. I have 2 separate clients (with of course different client IDs, but with the same prefix) set up in the API Console. One for the...
Providenciaprovident asked 8/2, 2017 at 5:37
5
Solved
I am facing an issue in UPS Rating API integration. My request body is:
{
"RateRequest": {
"shipper": {
"address": {
"postal_code": "12345",
&...
Incorporeity asked 28/4, 2023 at 16:53
4
I am using following code for linkedin authentication and getting following error
Signed API request to https://api.linkedin.com/v2/me has returned an error. HTTP error 403. Raw Provider API respon...
Jody asked 29/3 at 10:17
5
I am trying to make an OIDC authentication/authorization against a keycloak server with an Android app I'm building.
I am getting the following error, which is leading me to receive a 502 in my ap...
Revelationist asked 15/8, 2019 at 0:32
4
Solved
I just manually implemented a facebook oauth2 flow into my webapp. After receiving the correct access_token and trying to call the graph api for user data I got a 400 BAD REQUEST as response.
GET...
Desolate asked 4/9, 2014 at 9:59
4
Solved
I'm playing around with laravel and try to enable client credentials grant to secure some api endpoints.
To provide some context:
I want to create an api that stands between a database and sever...
Voracity asked 30/1, 2020 at 9:8
2
Solved
In most OAuth2 typical use cases, the scope is used by resource owner password grant type, or authorization code flow, where a user login is required.
It seems that scope is mainly used to control ...
5
Solved
When Amazon Cognito issues access tokens it doesn't include an aud field.
In the documentation for Cognito tokens, the aud field is listed for id tokens (always set to the same value as client_id),...
Minor asked 5/11, 2018 at 5:16
3
I'm using Gsuite as an Saml IDP to authentify users of my organisation on internal apps.
Everything is working fine, except for one point:
when one of my users if logged in with his/her personal a...
Hun asked 15/2, 2018 at 11:53
6
Solved
I'm kind of desesperate to make this keycloak work. I can authenticate but for some reason, my token introspection always fail.
For example if I try to authenticate:
curl -d 'client_id=flask_api' ...
5
Solved
In OAuth, the initial authorization request has a state parameter. Apparently it's there for security reasons, but I don't really understand against what it protects... For instance, on GitHub the ...
Jasminjasmina asked 30/9, 2014 at 23:48
4
I'm developing an oauth2 provider based on rfc6749 and I'm wondering, why is redirect_uri required on the Access Token Request? The /token endpoint is not redirecting and the state is assumed to be...
Rowe asked 6/6, 2016 at 13:47
5
Solved
Although I have worked with OAuth 2 before, I am a newbie to Open ID Connect.
Reading the tutorials and documentations I have come across both access_token and id_token where access_token is the ...
6
I'm building a system with OIDC and OAuth 2.0 (using Auth0), and I'm unsure how to properly use the id_token and access_token. Or rather, I'm confused about which roles to assign to the various ser...
Ferreira asked 11/10, 2017 at 7:7
8
Solved
5
Solved
I am getting an error when I try to refresh access token:
400 Bad Request
{error : "unauthorized_client"}
From the Google token URI:
{
"error" : "invalid_request"
}
I read this answe...
Pereyra asked 14/12, 2012 at 2:54
2
Solved
Hello there I'm a newbie to programming. I was going to authenticate to Gmail API using oauth2 Authentication and I forgot to set the redirect URI at the first place. Then I registered it but I sti...
Idden asked 21/9, 2022 at 10:38
2
Solved
Consider the following environment:
one docker container is keycloak
another docker container is our web app that uses keycloak for authentication
The web app is a Spring Boot application with ...
Frenzy asked 26/7, 2019 at 5:23
2
Solved
I am new to fastapi. I was trying to implement an authentication feature in it. It uses OAuth2PasswordBearer for that. I do not actually understand what's the use of this if I can simply get the us...
3
After upgrading to Keycloak version 1.9.1 we’ve started to get rejections from keycloak.js while getting token based on code.
If we enter base url (http://example.com) then the app works fine, log...
Hospitium asked 20/4, 2016 at 12:2
2
Solved
I'm trying to authorize access to our web application by using OAuth 2.0 and Azure AD. Guide here.
The user is redirected to similar URL:
https://login.microsoftonline.com/common/oauth2/authorize...
Kagera asked 2/2, 2017 at 15:46
7
Solved
What should I do to be able to use #oauth2 security expressions on method level like on the example below?
@RequestMapping(value = "email", method = RequestMethod.GET)
@ResponseBody
@PreAuthoriz...
Trillium asked 22/4, 2015 at 12:33
1 Next >
© 2022 - 2024 — McMap. All rights reserved.