Hi Devs, Recently I have started implementing an oauth2-proxy client for Single Page Applications to be used as the proxy for securing resource access using OAuth2.
During that, I wanted to validate the access token. In the documentation, I found that it can be achieved using introspection endpoint [1]. There the given curl commands use Basic Authorization to access the introspection endpoint. As I research further I found [2] where it describes 3 methods on authenticating and authorizing to REST-APIs in IS. IMO it would be more convenient if there were a link between these [1] and [2]. WDYT? Highly appreciate if someone could point me a sample implementation where ClientCertificateBasedAuthentication is used for authentication and authorization for IS REST APIs. Also in the documentation giving a sample implementations for all the default methods described in [2] would be helpful for both the end-users and the community. [1] https://docs.wso2.com/display/IS530/Invoke+the+OAuth+Introspection+Endpoint [2] https://docs.wso2.com/display/IS530/Authenticating+and+Authorizing+REST+APIs Best, Thilina -- *Thilina Madumal* *Software Engineer | **WSO2* Email: [email protected] Mobile: *+ <+94%2077%20767%201807>94 774553167* Web: <http://goog_716986954>http://wso2.com <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
