Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

How to create

Click on authentications (lock symbol) and select Type: OAuth2 


Fields defined in the OAuth authentication option depends on the Grant Type. The remote system dictates what Grant Type to use. 

Grant Types 

  1. Authorization Code
  2. Implicit
  3. Resource Owner Password Credentials
  4. Client Credentials


Authorization Code

The Authorization Code grant type is used by confidential and public clients to exchange an authorization code for an access token.

After the user returns to the client via the redirect URL, the RINT will get the authorization code from the URL and use it to request an access token.

Step 1. Add new authentication

  1. Select Grant Type Authorization Code
  2. Copy the Callback url from RINT authentication UI

Step 2. Register RINT in the remote App

  1. Paste the Callback url into the remote app
  2. Copy & Paste the client id and client secret into the RINT Authentication configuration

The remote app will display a client id and client secret when doing this step. 

Step 3. Enter Authorize, Access Token url and Scope

There are two urls that the remote application needs to specify.

  1. Authorize url - used to make the concent and grant the authorization code
  2. Access token url - used for interchanging the authorization code to an access code. This is made behind the scence when the system is interacting.
  3. Scope - used to determine what resources shall RINT get access to.


Implicit

The Implicit grant type is a simplified flow that can be used by public clients, where the access token is returned immediately without an extra authorization code exchange step.

Resource Owner Password Credentials

The Password grant type is used by first-party clients to exchange a user's credentials for an access token.

Since this involves the client asking the user for their password, it should not be used by third party clients. In this flow, the user's username and password are exchanged directly for an access token.


Client Credentials

The Client Credentials grant type is used by clients to obtain an access token outside of the context of a user.

This is typically used by clients to access resources about themselves rather than to access a user's resources.'


OAuth remote apps how-tos






  • No labels