Questions tagged [oauth-2.0]

OAuth (Open Authorization) is an open protocol framework to allow secure API authorization in a simple and standardized way for desktop, mobile and web applications. OAuth 2.0 is the second version of the OAuth protocol.

0
votes
0answers
6 views

Log Out does not work correctly in Spring Security OAuth2

There are a Zuul gateway as Spring-Security-OAuth2 client and Authorization Server. Those are located here The part of Zuul config: http .csrf() .disable() ...
0
votes
0answers
11 views

How to integrate Social Login with existing .Net core Web API backend and Angular SPA frontend with working OpenIddict user/password and bearer token

TL;DR Question: how to implement social login (OAuth2 authorization flow) with an existing SPA/Web API application that is based on identity, user/password, bearer token authentication? I have an ...
0
votes
0answers
21 views

Get user's username when his oAuth2 tokens expired

I want to remove some information about a user on my Spring server when his oAuth2 access and refresh tokens expired. I have already post a similar post about this problem, but unfortunately I found ...
1
vote
2answers
37 views

How can I link my Function App to the newly Registered Application?

I start to migrate my Live SDK registered applications to the new Application Registration Portal as Microsoft is deprecating their support: I went on the App Registrations (Preview) page in the ...
0
votes
0answers
18 views

How to configure adfs with OAuth2 using .net core?

I am configuring authentication in my app using OAuth until now I have configured all endpoint what I supposed to need, but the external server, where AD FS is configured, keep showing an error. I ...
0
votes
0answers
11 views

YouTube Analytics API script 403 Error even if user authorises app with OAuth

I have a python script that pulls stats for my YouTube channel. I used this sample code here. I have downloaded the Client secret, authorised YouTube Analytics API and I am able to see some data in ...
0
votes
1answer
20 views

Login in Google Colab with Oauth2

I'm trying to login in a Google Colab notebook with Oauth 2.0 but the Google login web page that is launched ends in a non-existent web (http://localhost:8090/?code=4/NAFDWUxkOxp3FIlB9I_vxFTFm-...
0
votes
0answers
10 views

How to request gmail info from Google's gmail API

I’m developing an angular 6 application. I'm using oauth2 tokens to hit Google API endpoints. Currently, I’m testing with this one: https://www.googleapis.com/gmail/v1/users/ It’s suppose to get you ...
0
votes
0answers
10 views

Enabling health matrix in Spring OAUTH 2 server

I have made my authorization server on spring boot the code shown below but the problem is that I want to enable the health matrix for my authorization server but I have added the required Maven ...
-1
votes
0answers
10 views

How should I obtain the Outlook token without user interaction

I am having two problems related to Microsoft Outlook using the OAuth 2.0. I am working with C# and the library Microsoft.Identity.Client. 1. I need to get the tokens in the background without ...
0
votes
1answer
24 views

How to upload a file to GCS using javascript?

I am trying to upload a file to GCS using javascript. I found this answer which shows how to upload and see the progress of that file. I also followed the official documentation All of the above ...
0
votes
1answer
25 views

In Spring boot JWT Plus Oauth2, TokenStore findTokensByClientId(clientId) returns blank array (I want active tokens)

I implemented spring boot with jwt plus oauth2 (In memory). Here tokens are located in memory rather than database. But when i use tokenStore.findTokensByClientId(clientId) then it returns blank ...
1
vote
1answer
27 views

Call SharePoint Online with same AAD token

I have a bot framework application which able to call Graph API. There is an oauth authentication flow to login my user to bot application. I can query Graph API like following requests: https://...
0
votes
0answers
20 views

How can I access the birthdate from HWI/OAuthBundle when connecting via google OAuth 2?

I have a PHP Symfony 4.2 application with HWI/OAuthBundle properly configured. I created an OAuth 2 key and secret. I configured it in the hwi_oauth section of the symfony files. I use it to login ...
0
votes
0answers
16 views

What is the way to setup both spring-boot security based login and oAuth2 based login together?

I have created a basic spring-boot application with both the dependencies of spring-security starter and oAuth2 authenticator with Google API, now whenever I run my application it triggers the google ...
0
votes
0answers
21 views

Refresh token does not work in Spring Security OAuth2

There are a gateway as oauth2 client and an Authorization Server. The grant type is authorization_code. Every thing is working correctly. The Uaa and Gateway and a Resource Server are located here. ...
0
votes
1answer
18 views

How to find API endpoints that accept oauth2 tokens

I have an angular 6 application which makes requests to various oauth2 providers. I’ve managed to successfully request access tokens from these providers using the implicit grant type (will be working ...
-1
votes
0answers
15 views

I can not figure out how to skip “explicitly allowing” my project to manage my Youtube videos

I am trying to upload a video to YouTube from code. I downloaded the code below from the Internet that help me to do it using a project I created from where I downloaded "OAuth 2.0 client IDs" saved ...
0
votes
0answers
16 views

Store client access token in database

I just start working on service that is a middleware between other services. I have only a question about approach of storing a JWT token for other services in database: User create a account on my ...
0
votes
0answers
15 views

Enabling OAuth 2.0 Authorization Server seems to prevent some existing servlets from serving pages

It seems that when I enable the OAuth 2.0 Authorization Server, via xml definition, <oauth:authorization-server client-details-service-ref="clientDetails" token-services-...
-1
votes
0answers
17 views

[Unity]Oauth intervenes.iOS SFAuthorization was crashed in First Open

I faced problem only on iOS. When I use Facebook or Google OAuth login SDK, called SFAuthenticationSession to open login UI. The situation is when user click ‘login’ button, the UI will be opened and ...
0
votes
0answers
26 views

I have a problem with django-allauth linkedin signup

I tried to signup with the django-allauth linkedin module, but when the django-allauth callback call this URL: /accounts/social/signup/ nothing is happening (it stuck on /accounts/social/signup/). ...
-1
votes
0answers
18 views

Understanding the OAuth 2.0 Protocol

I have some questions about the OAuth 2.0 protocol. I have read a lot of about it and i am little confusing: I see according the following tutorial "https://256stuff.com/gray/docs/oauth2.0/" that the ...
0
votes
1answer
33 views

Keycloak : authenticating a Rest API written in JAVA

I'd like to authenticate a Rest service (RS) against a Keycloak server (KS). RS is accessed via an application (APP) and not a browser for example. So far, I've understood the way to proceed is as ...
1
vote
1answer
26 views

How to get oauth2_proxy running in kubernetes under one domain to redirect back to original domain that required authentication?

I've been setting up a kubernetes cluster and want to protect the dashboard (running at kube.example.com) behind the bitly/oauth2_proxy (running at example.com/oauth2 on image a5huynh/oauth2_proxy:...
1
vote
0answers
19 views

How to access Wordpress authentication token

We are trying to link our website to Wordpresses API using OAuth 2.0. Hoping that a client can authenticate and post to WordPress from our site. We need to receive an access token to do this. We have ...
-1
votes
0answers
19 views

Discord send Oauth2 redirect url with the 'code' in url-query. How to get that code in my google script

We can't get the url query 'code' to our google script. 1 This discord documentation https://discordapp.com/developers/docs/topics/oauth2 shows that we get an redirect url with a query names 'code' ...
0
votes
0answers
11 views

OAUTH2 server to server and still identify clients

I want to expose my API to other businesses (customer). Since my APIs are deployed to AWS I wanted to use Cognito for granting access. As I don't have an web/mobile app, I thought the only solution ...
1
vote
2answers
30 views

OAuth token Unauthorized on browser

I'm using Angular 7 and I got a problem with Headers. This is my code: signin() { let signinData = this.signinForm.value; this.encoded = btoa("my-trusted-client:secret"); let ...
0
votes
1answer
27 views

Request only 'openid' scope from Google Sign-In for Websites

I'm integrating Google sign-in to my web app, but no matter what I specify, it always shows a warning in the login flow: To continue, Google will share your name, email address, and profile picture ...
2
votes
0answers
44 views

Client Credential flow sending 401 error whereas Individual flow is working on Microsoft Graph API

Through an Oauth2 client credentials flow, i get an access token which seems to have the right audience, roles... for the Microsoft Graph API. Nevertheless, a call to the Graph API to get messages a ...
2
votes
0answers
21 views

Unable to execute silent refresh after receiving id_token ,while implementing implicit flow , both azure ad and google identity services

I've enabled implicit flow support in azure AD registration which says:- "To enable the implicit grant flow, select the tokens you would like to be issued by the authorization endpoint:" And i am ...
0
votes
0answers
16 views

How to resume the specific fragment after redirecting to the app on successfully connecting to Stripe?

How to return to the app when the server replies the browser with the authorization code after successfully connecting the Stripe account? I have implemented a button which opens the new intent to ...
0
votes
1answer
37 views

What are the minimum scopes needed in an oauth2.0 to grant a web app access to a user’s google spreadhseets?

I’m using google visualization charts and timeline to display some data on a simple webpage. The data for the charts comes from a google sheet. The google sheet is set to private and therefore I need ...
3
votes
0answers
43 views

How do I use cfoauth for Microsoft Single Sign On or with Azure Active Directory?

I'm trying to set up an internal website so that my company's users can log in without creating brand new accounts. I am open to using Microsoft Single Sign On OR pulling from our Active Directory on ...
0
votes
1answer
43 views

ReactJS call to back-end route to login user with Google/Facebook

I have a NodeJS Express server running on localhost:5000 Also my ReactJS server is running on port localhost:3000 I try to implement login with oAuth2.0 Google but having troubles making calls to ...
-1
votes
1answer
42 views

Is our Identity Server necessary if we don't need SSO or OAuth 2?

Our infrastructure looks like this: IdentityServer4 Auth Server, .NET Core 2.2 web api Angular SPA1 Angular SPA2 MVC MVCApp1 My understanding is that the purpose of Identity Server 4 is to do one of ...
0
votes
0answers
12 views

Should a JWKS URL be hosted by the Service Provider or the OpenID Provider?

I am wondering if it's a good idea to have the JWKS URI be hosted by service Provider (Pingfederate Server in SP Mode) instead of the authentication OpenId Server. I currently have a static public ...
0
votes
0answers
17 views

How do I configure multiple Alexa account profiles using the serverless.com framework?

How do I configure multiple Alexa account profiles using the serverless.com framework? For clarification, this is not the aws profile section of the serverless-framework. When making an Alexa skill, ...
0
votes
0answers
14 views

Unable to obtain activity for urn - Linkedin OAuth 2.0 error message in Postman

I am using the Linkedin API OAuth 2.0 API and trying to perform a 'like' to a post or a comment using the new version 2 of the Linkedin API using the Postman client. I have the following POST request ...
0
votes
1answer
9 views

Handling Coinbase API react native redirect with OAuth authorization using react-native-app-auth

I've got OAuth working in React Native using react-native-app-auth. My app redirects to Coinbase for OAuth authorization without a problem. The issue is once authorized how to return to my app with ...
0
votes
0answers
20 views

Liking post/comments using the v2 OAuth 2.0 Linkedin API

I am using the Linkedin API OAuth 2.0 API and trying to like post/comments using the new OAuth 2.0 API. The following example below shows an POST request to following endpoint: POST https://api....
1
vote
1answer
17 views

Authorization Code Grant: how can I get an access token when the user is not present?

I would like to ask the user to authorize my application only once and then be able to use his credentials to make DocuSign API call even when he is not connected to perform automatic operations. I ...
0
votes
0answers
10 views

Why validate redirect_uri in token call (code to token exchange)

I haven't seen a good explanation online as to the specific security exploit that this protects from. Assuming the OAuth provider validates the redirect_uri in the initial call to the authorization ...
0
votes
1answer
36 views

AcquireTokenAsync: What Kind of Token is being returned?

The version of the AcquireTokenAsync constructor I use returns a Security Token I noticed some other versions of this constructor return an Access Token After reading around, I still haven't found ...
-3
votes
0answers
11 views

How to create admin login for webservice [closed]

I am setting up a new web service that will have a admin login, I have checked out some libraries to implement an authentication for certain endpoints that admin only will have access too. Should I ...
0
votes
1answer
17 views

Google Cloud: Mark OAuth Key as private

I created an OAuth 2.0-Client-ID (Credentials) for a private application. The usage terms says that "OAuth Application Verification" is not necessary if I don't share my application. But if I open the ...
0
votes
0answers
10 views

React 16.4.0 Cache control during OAuth2 login sequence

I'm trying to set up a OAuth2.0 login sequence on a reactjs application. Running from Chrome. The react application checks if it has an access token or a TGT and, if it has neither, redirects to the ...
1
vote
2answers
30 views

Is it good to to implement oAuth for SSO?

I would like to create SSO support for my products. I'm planing to make oAuth login, instead of normal login flow. Is it good to implement oAuth for my own server login? And if it is fine how should ...
0
votes
1answer
37 views

How to call API from the Identity Server startup

I have a problem I hope someone could help to point me towards a solution. I have an IdentityServer 4 asp.net core implementation. This identity server is used to protect a WebAPI via various ...