This API is about controlling application and associated token types right?
Different token types are then generated at API subscription time by
consumers with a specific grant type correct?
Isuru, IMO it's sort of implied.
-Chintana
On Thu, Jul 6, 2017 at 10:33 AM, Nuwan Bandara <[email protected]> wrote:
> Guys, also this is not directly related to the API design and as Isuru
> said we will have to think about different token types. At present many
> users ask for JWT tokens as oppose random string tokens. So should we think
> about the type too ?
>
> On Fri, Jun 30, 2017 at 12:35 AM, Isuru Haththotuwa <[email protected]>
> wrote:
>
>> Just a thought; since we are going to support Key types other than OAuth
>> for API invocation, should we consider renaming the rest resources to
>> indicate that this is about generating OAuth keys/tokens?
>>
>> On Wed, Jun 28, 2017 at 1:37 PM, Bhathiya Jayasekara <[email protected]>
>> wrote:
>>
>>> Hi all,
>>>
>>> As discussed in [1], I split generate keys operation into 2, and added
>>> "provide-keys" operation for semi-manual client registration. Here is the
>>> final list with sample requests and responses.
>>>
>>>
>>> POST /applications/{applicationId}/generate-keys
>>>
>>> {
>>> "keyType": "PRODUCTION",
>>> "grantTypesToBeSupported": [
>>> "client-credentials", "password"
>>> ],
>>> "callbackUrl": "http://localhost/callback"}
>>>
>>>
>>> Response
>>>
>>> {
>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>> "supportedGrantTypes": [
>>> "client-credentials", "password"
>>> ],
>>> "callbackUrl": "http://localhost/callback";,
>>> "keyType": "PRODUCTION"}
>>>
>>>
>>>
>>> POST /applications/{applicationId}/provide-keys
>>>
>>> {
>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxx",
>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>> "keyType": "PRODUCTION"}
>>>
>>>
>>> Response
>>>
>>> {
>>> "consumerKey": "xxxxxxxxxxxxxxxxxx",
>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyy",
>>> "supportedGrantTypes": [
>>> "client-credentials", "password"
>>> ],
>>> "callbackUrl": "http://localhost/callback";,
>>> "keyType": "PRODUCTION"}
>>>
>>>
>>>
>>> POST /applications/{applicationId}/generate-tokens
>>>
>>> {
>>> "consumerKey": "xxxxxxxxxxxxxxxxxxxxx",
>>> "consumerSecret": "yyyyyyyyyyyyyyyyyyyyyy",
>>> "validityPeriod": 3600,
>>> "scopes": "read write delete",
>>> "revokeToken": "zzzzzzzzzzzzzzzzzzzzz"}
>>>
>>>
>>> Response
>>>
>>> {
>>> "accessToken": "aaaaaaaaaaaaaaaaaaaaaaaaa",
>>> "tokenScopes": "read write",
>>> "validityTime": 3600}
>>>
>>>
>>>
>>> [1] [APIM][C5] Splitting "Generate Keys" operation in Store REST API
>>>
>>> Thanks,
>>> --
>>> *Bhathiya Jayasekara*
>>> *Associate Technical Lead,*
>>> *WSO2 inc., http://wso2.com <http://wso2.com>*
>>>
>>> *Phone: +94715478185 <071%20547%208185>*
>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj
>>> <http://www.linkedin.com/in/bhathiyaj>*
>>> *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>*
>>> *Blog: http://movingaheadblog.blogspot.com
>>> <http://movingaheadblog.blogspot.com/>*
>>>
>>
>>
>>
>> --
>> Thanks and Regards,
>>
>> Isuru H.
>> +94 716 358 048 <071%20635%208048>* <http://wso2.com/>*
>>
>>
>>
>
>
> --
>
>
> *Thanks & Regards,*
> *Nuwan Bandara | Director - **Solutions Architecture, WSO2 Inc.*
> *+1 646 643 8618 <(646)%20643-8618> | +1 650 745 2169 Ext 4212
> <(650)%20745-2169> | http://nuwanbando.com <http://nuwanbando.com> *
> <http://www.nuwanbando.com/>
>
--
Chintana Wilamuna | Associate Director/Solutions Architect | WSO2
<http://wso2.com/> Inc.
408 429 3321 | http://engwar.com/
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
