Hi Ishara, Since APIM we only keep a reference to consumer key of oauth app this might be able to do if they can create the oauth app from pre-defined consumer key and secret.
Thanks On Wed, Apr 15, 2020 at 12:55 PM Ishara Cooray <[email protected]> wrote: > Hi Tharindu, > > With this feature, will it also support changing the OAuth provider for an > existing app without changing subscriptions, etc? > If one needs to change their OAuth provider in the future this will help. > > Thanks & Regards, > Ishara Cooray > Associate Technical Lead > Mobile : +9477 262 9512 > WSO2, Inc. | http://wso2.com/ > > > > On Wed, Apr 15, 2020 at 9:32 AM Tharindu Dharmarathna <[email protected]> > wrote: > >> Hi Gayan, >> For Self containing access tokens it already has the OOTB capability to >> validate the token from different token issuers. the Key Management layer >> will only use to validate the Reference tokens. >> >> To prefix, the token Generated from Identity providers, they have their >> own ways of differentiating the token, in Simple case, we will use the >> Regex validation and for other cases. they could write their own validation. >> >> Thanks >> >> On Tue, Apr 14, 2020 at 11:17 PM gayan gunawardana < >> [email protected]> wrote: >> >>> Hi Tharindu, >>> >>> In #6 Validating the Token, regex validation may work for >>> reference access tokens to find corresponding Oauth provider but can we >>> utilize regex validation for self-contained access tokens. Is it possible >>> mediate token generation and append specific prefix to identify Oauth >>> provider or else add mapping to a database table ? >>> >>> Thanks, >>> Gayan >>> >>> On Tue, Apr 14, 2020 at 10:13 PM Tharindu Dharmarathna < >>> [email protected]> wrote: >>> >>>> Hi All, >>>> >>>> We are going to implement Multiple Oauth provider support to WSO2 API >>>> Management. From this feature, dev portal users can create their Oauth >>>> Application on Pre-Defined OAuth providers. >>>> >>>> 1. Tenant Admin Create Oauth Provider from the Admin portal by >>>> providing OAuth provider details. >>>> >>>> - Client Registration endpoint >>>> - Introspection Endpoint >>>> - Scope Management Endpoint >>>> - Token Endpoint >>>> - Revoke Endpoint >>>> - Endpoint Security Details >>>> - Token Validation Regex. >>>> >>>> 2. Application developer creates the application defining the Oauth >>>> Provider type. >>>> 3. Application developer Generates the keys from UI. >>>> >>>> - Checks for the Consumer Key Generation can be done in the >>>> Specific Oauth Provider. >>>> - Generate the Oauth App on Oauth Provider and retrieves the Oauth >>>> Application Details. >>>> >>>> 4. Application Developer Retrieves the Application details from the UI. >>>> >>>> - Check for the Oauth provider selected. >>>> - Retrieve the Oauth App details from the Respective OAuth Provider >>>> selected. >>>> >>>> 5. Generating Oauth Token >>>> >>>> - Token Generation call will directly proxy into the token endpoint >>>> of Respective Oauth Provider. >>>> >>>> 6. Validating the Token. >>>> >>>> - Generated Token from Oauth Providers contains a specific change >>>> related to the Token. >>>> - Before validating the token we checking the Token was resided to >>>> which Oauth provider by checking from the Token Validation Regex given. >>>> - Token get validate from elected Oauth Provider and then retrieve >>>> the information related to the Token. >>>> >>>> 7. Delete the Application >>>> >>>> - Oauth Application will remove from Respective Oauth Provider >>>> assigned. >>>> >>>> >>>> I appreciate any thoughts and feedback on this. >>>> >>>> >>>> Thanks >>>> >>>> *Tharindu Dharmarathna*Technical Lead >>>> WSO2 Inc.; http://wso2.com >>>> lean.enterprise.middleware >>>> mobile: *+94779109091* >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>> >>> >>> -- >>> Gayan >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >> >> >> -- >> >> *Tharindu Dharmarathna*Technical Lead >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: *+94779109091* >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > -- *Tharindu Dharmarathna*Technical Lead WSO2 Inc.; http://wso2.com lean.enterprise.middleware mobile: *+94779109091*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
