Just a thought; since we are going to support Key types other than OAuth for API invocation, should we consider renaming the rest resources to indicate that this is about generating OAuth keys/tokens?
On Wed, Jun 28, 2017 at 1:37 PM, Bhathiya Jayasekara <[email protected]> wrote: > Hi all, > > As discussed in [1], I split generate keys operation into 2, and added > "provide-keys" operation for semi-manual client registration. Here is the > final list with sample requests and responses. > > > POST /applications/{applicationId}/generate-keys > > { > "keyType": "PRODUCTION", > "grantTypesToBeSupported": [ > "client-credentials", "password" > ], > "callbackUrl": "http://localhost/callback"} > > > Response > > { > "consumerKey": "xxxxxxxxxxxxxxxxxx", > "consumerSecret": "yyyyyyyyyyyyyyyyyyy", > "supportedGrantTypes": [ > "client-credentials", "password" > ], > "callbackUrl": "http://localhost/callback";, > "keyType": "PRODUCTION"} > > > > POST /applications/{applicationId}/provide-keys > > { > "consumerKey": "xxxxxxxxxxxxxxxxxxxx", > "consumerSecret": "yyyyyyyyyyyyyyyyyyy", > "keyType": "PRODUCTION"} > > > Response > > { > "consumerKey": "xxxxxxxxxxxxxxxxxx", > "consumerSecret": "yyyyyyyyyyyyyyyyyyy", > "supportedGrantTypes": [ > "client-credentials", "password" > ], > "callbackUrl": "http://localhost/callback";, > "keyType": "PRODUCTION"} > > > > POST /applications/{applicationId}/generate-tokens > > { > "consumerKey": "xxxxxxxxxxxxxxxxxxxxx", > "consumerSecret": "yyyyyyyyyyyyyyyyyyyyyy", > "validityPeriod": 3600, > "scopes": "read write delete", > "revokeToken": "zzzzzzzzzzzzzzzzzzzzz"} > > > Response > > { > "accessToken": "aaaaaaaaaaaaaaaaaaaaaaaaa", > "tokenScopes": "read write", > "validityTime": 3600} > > > > [1] [APIM][C5] Splitting "Generate Keys" operation in Store REST API > > Thanks, > -- > *Bhathiya Jayasekara* > *Associate Technical Lead,* > *WSO2 inc., http://wso2.com <http://wso2.com>* > > *Phone: +94715478185 <071%20547%208185>* > *LinkedIn: http://www.linkedin.com/in/bhathiyaj > <http://www.linkedin.com/in/bhathiyaj>* > *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* > *Blog: http://movingaheadblog.blogspot.com > <http://movingaheadblog.blogspot.com/>* > -- Thanks and Regards, Isuru H. +94 716 358 048* <http://wso2.com/>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
