Hi Imesh, I think we can add Oauth authentication for Stratos API. A user first obtain a token and then provide that token for subsequent API calls. AFAIR we have discussed this earlier too.
On Wed, Aug 12, 2015 at 9:12 AM, Imesh Gunaratne <im...@apache.org> wrote: > If another system (say A) is talking to Stratos via the REST API, we might > need to check how this work flow starts from A. It may either starts by > prompting the user to login or as a result of a background job. > > If its the first case then the system A should have some form of a token > or user credentials to talk to Stratos. Otherwise a system user needs to be > used to talk to Stratos. > > On Tue, Aug 11, 2015 at 1:57 PM, Udara Liyanage <ud...@wso2.com> wrote: > >> Hi Anurudda, >> >> The similar scenario came up when we create Oauth token when application >> creation. AS needed to call IS in order to create the token. There we >> overcome this by using JWT authenticator which validates the username. >> However you can not access Sratos API using that authentication. >> >> On Tue, Aug 11, 2015 at 1:22 PM, Anuruddha Premalal < >> anuruddhaprema...@gmail.com> wrote: >> >>> Hi Udara, >>> >>> I need to call the Stratos rest api from a wso2 server component as >>> tenant admin. We can get the tenant username however we cannot get the >>> password. Have you encountered this kind of use-case before?. Is there an >>> existing way to achieve this? >>> >>> Thanks, >>> Anuruddha. >>> >>> On Tue, Aug 11, 2015 at 12:35 PM, Udara Liyanage <ud...@wso2.com> wrote: >>> >>>> HI Anurudda, >>>> >>>> AFAIK you can not use a JWT token for REST API access. JWT tokens are >>>> used in two places, >>>> >>>> 1) For metadata API access >>>> 2) A JWT authenticator is used for Stratos- Identity server >>>> communication. >>>> >>>> Could you please explain your requirement in more detail so we can >>>> point you to extension places. >>>> >>>> On Tue, Aug 11, 2015 at 12:28 PM, Anuruddha Premalal < >>>> anuruddhaprema...@gmail.com> wrote: >>>> >>>>> Hi Devs, >>>>> >>>>> Is it possible to invoke the Stratos rest api using a signedJWT token >>>>> instead of BasicAuth?. Does this comes OOB? If not, is there any extension >>>>> point provided for a custom authentication handleri? >>>>> >>>>> Regards, >>>>> -- >>>>> *Anuruddha Premalala (MIEEE)Mobile : +94710461070 >>>>> <%2B94710461070>E-mail : anuruddhaprema...@gmail.com >>>>> <anuruddhaprema...@gmail.com>web : www.regilandvalley.com >>>>> <http://www.regilandvalley.com>Sri Lanka.* >>>>> >>>> >>>> >>>> >>>> -- >>>> >>>> Udara Liyanage >>>> Software Engineer >>>> WSO2, Inc.: http://wso2.com >>>> lean. enterprise. middleware >>>> >>>> web: http://udaraliyanage.wordpress.com >>>> phone: +94 71 443 6897 >>>> >>> >>> >>> >>> -- >>> *Anuruddha Premalala (MIEEE)Mobile : +94710461070 <%2B94710461070>E-mail >>> : anuruddhaprema...@gmail.com <anuruddhaprema...@gmail.com>web : >>> www.regilandvalley.com <http://www.regilandvalley.com>Sri Lanka.* >>> >> >> >> >> -- >> >> Udara Liyanage >> Software Engineer >> WSO2, Inc.: http://wso2.com >> lean. enterprise. middleware >> >> web: http://udaraliyanage.wordpress.com >> phone: +94 71 443 6897 >> > > > > -- > Imesh Gunaratne > > Senior Technical Lead, WSO2 > Committer & PMC Member, Apache Stratos > -- Udara Liyanage Software Engineer WSO2, Inc.: http://wso2.com lean. enterprise. middleware web: http://udaraliyanage.wordpress.com phone: +94 71 443 6897
