I'm referencing another SO post that discusses using refresh tokens with JWT. JWT (JSON Web Token) automatic prolongation of expiration I have an application with a very common architecture where m...

I need to connect to a company API using a PFX file and password using oauth2. I'm not very familiar with using PFX files and not sure how to connect to an API using a PFX file and password. I loo...

I'm trying to refresh the oauth2 token using ClientOAuth2.Token.refresh() but keep getting the error sometimes: {"error":"invalid_grant","error_description":"Session not active"} This is the reque...

I am working with Google Drive File Picker by following this Google Drive File Picker Example demo project. I have generated API Key and Client Id. But when I run the project I am getting following...

The Scenario I've recently built an API, and have protected its resources using OAuth Bearer Access Tokens. I've used the Client_Credentials Flow, as it will be accessed by clients as opposed to us...

I would like to let my users login with Google on my react web app (secured with Auth0), even if they come from a native app. I did add a social connection for oauth in auth0 dashboard and it's wor...

Am using Laravel Passport to build an API, I removed the web routes and its guard accordingly How can I test user logout? This is what I have so far: Logout Test /** * Assert users can logout * ...

I want users of my Next.js TypeScript app to grant it permission to manage their Alexa Lists. I figured this would be possible with OAuth2. I figured I'd need to create a button in my website that ...

I am building an Alexa Skill that will implement Account Linking. When a user uses my skill, they would have to use the Alexa App to sign-in. The Authentication UI is set up and managed by Amazon ...

I have currently set up a web-based application, to which I have added an authentication method using oauth2_proxy (with gitlab as authentication provider). What I need to know is if there's way th...

I am creating a simple SpringBoot application and trying to integrate with OAuth 2.0 provider Keycloak. I have created a realm, client, roles (Member, PremiumMember) at realm level and finally crea...

I'm trying to follow this tutorial to authenticate with Google using their OAuth 2.0 API. However, I would like to make straight curl calls rather than use their libraries. I have obtained my Clie...

Im trying to get Authorization code for send push notifications throug new Firebase cloud messaging API. For this pourpose i need to get OAuth2.0 token. The problem its im only do a REST calls and ...

I started to configure google calendar on my new application. I almost made an exact copy of the authentication code displayed at google developers ( https://developers.google.com/google-apps/calen...

Currently I'm developing an Angular2 App and want to use a B2C Tenant for authentification. It does not works because I get an error: Invalid issuer in discovery document expected: The setup and ...

I'm building a browser app that requires to authenticate with Google using the OAuth 2.0 / JWT workflow outlined in the link. In the scenario of success user authentication with Google OAuth 2.0, G...

With an OAuth2 implementation (either developed in-house, or a 3rd party like Google, Facebook, Login With Amazon, etc.), is it possible to generate an authentication code on behalf of a user logge...

Is storing an OAuth 2 token in cookies bad practice? If so, what are alternatives for a web app?

I have an app that is written with FastAPI and SvelteKit, both these is running in separate containers, the current solution is Svelte sends the username and password to the FastAPI server, the Fas...

I have a Web application that currently uses OAuth2 to authenticate users using their Google accounts. The flow is quite standard: the user logs in to Google, the web app gets a callback, retrieves...

I've been learning OIDC, especially authorization code flow. The front channel just gets the authorization code, and then sends this to the client's back end code which then makes a back channel ca...

I don't know what I do wrong, but everytime I tried to obtain the token (after user authentication of course), the result is always Invalid grant_type parameter or parameter missing Possibly relat...

In my website I have put up Login with Google, Login with Facebook and Login with Twitter. But if the same user logs in using different providers, ie. the user first logs in using Facebook and th...

This request was working a couple of months ago but when we tried again and directly using curl. It now returns an invalid_grant. I been trying to search the documentation, but only see the followi...

I am using UseOpenIdConnectAuthentication middleware for ASP.Net Core application to authenticate against Dells Cloud access manager token provider (setup to provide OpenId/OAuth2 authentication). ...