Newest 'oauth-2.0' Questions - Stack Overflow

Questions tagged [oauth-2.0]

OAuth (Open Authorization) is an open protocol framework to allow secure API authorization in a simple and standardized way for desktop, mobile and web applications. OAuth 2.0 is the second version of the OAuth protocol.

0
votes
0answers
6 views

How to get access to Google Drive video and images by using OAuth 2.0 for TV and Limited-Input Device Applications?

I am currently implementing a TV application (basically for Samsung and LG TVs) that should display videos and images from my Google Drive account. I am using OAuth 2.0 for TV and Limited-Input Device ...
0
votes
0answers
6 views

How to connect rabbitMQ using JWT token

The problem is resumed in the title. I need to connect to rabbit MQ using oauth2. Any advice ? i saw this plugin: https://github.com/rabbitmq/rabbitmq-auth-backend-oauth2 but i can't build it, and ...
-1
votes
0answers
8 views

Increase HTTP Response Size in SAP ABAP

I am trying to request access token from an oAuth service using if_http_client in SAP ABAP. Originally, overall response size is more than 1KB and the response string is more than 940 characters. ...
0
votes
0answers
13 views

Asp.Net Core Invalid authentication token error

I have my Asp.Net Core 2.2 app configured to use OAuth for authentication with our STS. This all works fine but in the production environment I can see the following errors from our Asp.Net Core app ...
1
vote
0answers
5 views

League\OAuth2\Client\Provider\GenericProvider SSL error

I used "league/oauth2-client" library and tried to get access token from provider. My first step that getting authorization code working properly. When i request for access token to provider, i got ...
0
votes
1answer
10 views

How to pass HTTP URL to the antMacher

I tried: http.requestMatcher(new NegatedRequestMatcher(new AntPathRequestMatcher("http://domainnamea.com/**"))); http.antMatcher("http://domainnamea.com/**"); and am getting the error: ...
0
votes
1answer
31 views

Bad Request is returned when Amplify is configured for hosted UI in Angular 6

Was going through the documentation of Amplify, to configure AWS Cognito hosted UI in Angular 6. Getting 400 Bad request after login. Below is the info: In main.ts AWS Amplify was configured. ...
0
votes
0answers
12 views

Why is Google OAuth2 adding a hash to the url?

I am having an issue where when my server redirects back to my client web app after successful Google OAuth authentication, a hash gets appended to the url. For instance, if upon success I redirect ...
0
votes
0answers
12 views

How to make WebSecurityConfigurerAdapter and ResourceServerConfigurerAdapter interleave

I'm trying to implement Resource Server with oauth2Login() configuration. Could you help me to separate authorization logic for two groups of endpoints? The first one must initialize OAuth2 ...
0
votes
0answers
9 views

Flask OAuth2 Server

I am creating a REST API using Swagger based on the PetStore example. I am using the Python-Flask Generated Server. I need to use OAuth2 for authentication. From what I undeerstand I need to: 1. ...
0
votes
0answers
7 views

How do I authorise Buffer into scribejava?

I use Buffer (the application that enables posting to social media) and I have registered an app as I want to automate my posts, to some extent. I want to use Java and I have identified scribejava as ...
0
votes
1answer
6 views

Which OAuth flow do I use and where do I store the token in the case of a (Android/iOS) WebView hybrid App?

I understand that the current best practice is to use PKCE with Public Clients: Note: Previously, it was recommended that browser-based apps use the "Implicit" flow, which returns an access token ...
0
votes
0answers
15 views

Which OAuth2 Grant type is suitable for Mobile applications

I'm using OAuth 2.0 for my Mobile application(React native) authentication.There are several grant types like Autherization code flow and Password grant flow in OAuth. But which one is suitable for my ...
0
votes
0answers
12 views

How to get the returned value of an authentication script [duplicate]

Here's my problem : I'm currently developping a Forge Autodesk web application, and it requires a token to work. So far I was setting the token myself in the code, after requesting it manually. I've ...
1
vote
0answers
18 views

Fine Grained Access Control over endpoints of my REST application endpoints using OKTA and OAUTH

Overview I have a REST application which has say 1 endpoint /ebook It has 3 HTTP verbs associated with it get (For fetching ebook details), post (For adding ebook), delete (For deleting ebook) ...
0
votes
2answers
19 views

How does it look when OAuth2 is used for authentication

There are lot of articles, why OAuth is not for authentication. I don't understand, where the authentication happens (if incorrectly used). Can someone explain on simple trusted web app and SPA usage ...
1
vote
0answers
30 views

How do I get message attachments in Gmail for forwarded messages addressed to an external user?

I have a Java program utilizing the Gmail API that authenticates with our G Suite via OAuth 2.0, downloads all attachments for messages in a specific user's inbox, and processes said attachments. I ...
0
votes
0answers
10 views

How to perform OAuth 2.0 with AccountManager.newChooseAccountIntent() in the same way as am.getAccountsByType()

I want to know how to retrieve an Account object by calling newChooseAccountIntent() rather than using AccountManager.getAccountsByType(). The newChooseAccountIntent() is just giving me the name of ...
0
votes
0answers
9 views

Moving from OIDC to SAML

So we have, what I imagine is a very common architecture. We have a static SPA, hosted on s3/cloudfront, that talks to an api. The SPA is secured via OIDC, and it sends the JWT to the API on every ...
0
votes
0answers
17 views

How to seperate Autorization server and Resource server in OAuth2?

I got a single project from github which has oauth2 to protect REST endpoints. it does the job. but i have a requirement to separate authorization server and resource server into two applications. ...
0
votes
0answers
20 views

Cannot get OAuth2 access token from browser (SPA)

I am working on a JS client to demonstrate the OAuth workflow for single page application (SPA). I am using WSO2 as auth server. The client (browser) can get the auth code after user has passed login ...
1
vote
1answer
81 views

LinkedIn OAuth failed with https_required error message

Our goal is to get the access token from Linked In API so that we can fetch the current user detail. We are following the API mentioned here: OAuth 2.0 Client Credentials Flow (2-Legged) The response ...
0
votes
0answers
21 views

How to get access token by grant password?

I get response "Trying to get property 'access_token' of non-object" I need to use Oauth2 protocol to connect to my web. I follow everything that i found but i get some result that i don't ...
4
votes
1answer
151 views

Oauth Login error while logging in using linkedin credentials (“error”:“https_required”)

I am using omniauth-linkedin-oauth2 (1.0.0) gem to login the users to our site using linkedin it was working fine until now not sure if its related to linkedin API changes or what I am getting the ...
4
votes
0answers
41 views

Oauth2.0 flow for a flexdashboard shiny app

We’re trying to implement OAuth2.0 into a Shiny app using Flex Dashboard. The OAuth flow is currently executing, I can login and see the code and state variables in the URL. When the OAuth server ...
0
votes
0answers
6 views

How to get Ebay user token without manual action

I'm trying to download pending orders via Fulfilment API, which needs User token. To request User token one needs to have a code that is sent into auth-accepted page ... but this requires manually ...
0
votes
0answers
21 views

Which is the right way for an authentication with the youtube API?

I have a (Web)Client-Server Application. The Web-client opens the application in the browser and sends a request to the server(Java/Spring), which creates a video and should upload it on Youtube. I ...
0
votes
0answers
21 views

Is there a way to maintain multiple 3rd party OAuth2 tokens in different OAuth2RestOperations?

I want my backend service to be able to SSO into multiple 3rd party APIs to access their resources. How would I go about having two different OAuth2RestOperation beans? I am writing a backend service ...
0
votes
0answers
9 views

How to send oauth2.0 id_token in http header? Incorrect padding error

I'm trying to send a googleId and id_token in an http header. For some reason, I cannot verify the token due to an incorrect padding error. I'm following this guide: https://developers.google.com/...
0
votes
0answers
18 views

Redirect to Frontend ( On A Different URL ) after OAuth2 Login

I am trying to setup my application as follow : Angular 7 frontend, served at, say http://localhost:4200 Express backend, served at, say http://localhost:3500 Passport library for OAuth2 ...
0
votes
1answer
28 views

Need help fetch friends from vkontakte

I have written oauth2 social client but could not fetch authorized user's friends list Please have a look at my code to see what's missing/ regards please look at @RequestMapping("vkontakte/friends") ...
0
votes
0answers
10 views

Integrating Zuul and Oauth2client

I want to implement the following design using Zuul and Spring OAuth2: UI --> token A --> Zuul --> token B --> multiple services To summarize - one OAuth2 token allows communication with Zuul, a ...
1
vote
0answers
12 views

API Automation Testing using Katalon Studio- automate the process of OAuth 2.0 authorization token generation

I have started using Katalon-Studio for API Automation testing. I want to automate the process of OAuth 2.0 authorization token/barear token generation and then update it to HTTP Header instead of ...
0
votes
0answers
19 views

Oauth2 server return invalid_grant how do I fix?

I am setting up an Oauth2 server and using the authorization code grant flow. I am using the sample server from here github.com/authlib/example-oauth2-server. After returning the authorization code, I ...
0
votes
0answers
36 views

How to deny ASP.NET Core Identity social registration by claim

I'm using an OAuth social login with ASP.NET Core Identity and want to only accept new registrations for users with a specific claim, but cannot find a way to do this. I realise I can use Claims-...
0
votes
1answer
23 views

AWS Alexa skill linking with oauth 2

Hello to all I am new in AWS Alexa, i have a work to Alexa Skill account linking using PHP with oauth 2.0. I have successfully configured all and also get code for Auth Code Grant but when i run my ...
0
votes
0answers
14 views

Why does SerializeTicket() return token with all scopes that resource allows for client

Using AspNet 4.6.2 to generate access tokens, using any Auth flow (have tried Code Flow, Implicit Flow, Client Credentials Flow), using the AuthenticationTokenCreateContext class from Microsoft.Owin....
0
votes
0answers
7 views

OAuth2 Youtube Scope just for comments, likes and and subscribing

I'm creating an app that have some youtube features that should allow users to post comments on videos (and edit/delete their own comments), like videos and subscribe to channels. I already ...
0
votes
1answer
11 views

Setting up OIDC via Auth0 for a web site that is hosted on customer networks

As part of a process to update/secure/centralize our auth and licensing process, we are looking at using OIDC via Auth0. Part of our package is a web site that is typically hosted on customer networks....
0
votes
1answer
19 views

Android authentication on Keycloak with identity providers like Google and Facebook

I am creating a native android application and I am using keycloak authentication, because my web app and my API is already configured with keycloak. I setup Facebook and Google as identity providers ...
0
votes
1answer
17 views

Get request for bearer token

The object is to recieve a bearer token from the requested API. I was able to complete this using postman but would like to implement into my app. I have attempted many different variations of calls ...
0
votes
0answers
16 views

Authenticating daemon API calls

i'm building a monitoring web app. The app will show information about the user's system, to achieve this i'll be making API calls every x seconds through a daemon process that will be installed by ...
0
votes
0answers
6 views

Implementing python script using djangorestframework for makin an api for fitbit using oauth2

I need to implement my python code for making an Api on fitbit using Oauth2 i need all codes please help me with it code on views.py and what else is use using python script in pycharm with django-...
0
votes
1answer
15 views

Google Oauth recognizing G-Suite account

I am trying to add Google Sign In to my application. I want to limit who can sign in to a list of allowed companies (ie. a company that has a billing account with me). I intended to do this by ...
-1
votes
0answers
12 views

multiple authentication logics for saml authenticated users and none authenticated users [on hold]

I need an complete example to develop following requirements: I have alredy developed an auth server and implements sso among 3 portals using session(cookie) based authentication.it need to access by ...
0
votes
1answer
30 views

Excel web addin authentication for AppSource

I am building an Excel Web Addin. I'll need to authenticate the user against Office 365 and publish the addin to AppSource / Office Store. What is the ideal authentication method to use? I found ...
0
votes
1answer
24 views

API request for LinkedIn user data always returns 401

I am building back-end(API) of mobile application on asp.net core. Using swagger for visualization of API calls and so on. Currently I am creating external authentications, I have some problems with ...
0
votes
3answers
31 views

How can we integrate identityserver4 and web api in the same project(port) instead of creating different projects for each?

Couldn't configure the identityserver 4 authorization and bearer token authentication middleware in the same project.
-1
votes
0answers
11 views

What is the need of client secret?

I am using following google sign-in flow in my react + sprint-boot application : 1) User clicks google sign-in button and front end gets authorization coe (not token) using client id. 2) Backend ...
0
votes
1answer
21 views

Laravel Passport custom validation for any /oauth/token request

I need to validate extra fields in my users table before i create the requested tokens, but i can't find a simple way to do it with Passport. I find similar workarunds which returns a token using $...