Hi Johann, Who are "we" in here? Is it Carbon APIs?
thanks, Dimuthu On Mon, Feb 22, 2016 at 1:42 PM, Johann Nallathamby <[email protected]> wrote: > +1. > > Also these set of authenticators should be used to secure any REST > endpoint that we expose, not only OAuth2. WDYT? E.g. in SCIM endpoint the > authentication is baked into the SCIM code, although it has a concept of > handlers. I think all these restful authentication mechanisms must unify > and come under a single framework. > > > On Mon, Feb 22, 2016 at 11:24 AM, Prabath Siriwardana <[email protected]> > wrote: > >> At the moment we are coupled into HTTP basic authentication >> with client_id/client_secret , which is not right.. >> >> Can we decouple this from the token endpoint..? And we should able to >> develop these authenticators as independent connectors.. >> >> WDYT...? >> >> -- >> Thanks & Regards, >> Prabath >> >> Twitter : @prabath >> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena >> >> Mobile : +1 650 625 7950 >> >> http://blog.facilelogin.com >> http://blog.api-security.org >> > > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Technical Lead & Product Lead of WSO2 Identity Server > Governance Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Dimuthu Leelarathne Director WSO2, Inc. (http://wso2.com) email: [email protected] Mobile : 0773661935 Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
