Hi Gayan, Thanks for the reply. Please see the inline comment.
On Tue, Nov 14, 2017 at 8:40 PM, Gayan Gunawardana <[email protected]> wrote: > > > On Tue, Nov 14, 2017 at 2:48 PM, Thilina Madumal <[email protected]> > wrote: > >> Hi Devs, >> >> Recently I have started implementing an oauth2-proxy client for Single >> Page Applications to be used as the proxy for securing resource access >> using OAuth2. >> >> During that, I wanted to validate the access token. In the documentation, >> I found that it can be achieved using introspection endpoint [1]. There the >> given curl commands use Basic Authorization to access the introspection >> endpoint. >> >> As I research further I found [2] where it describes 3 methods on >> authenticating and authorizing to REST-APIs in IS. >> IMO it would be more convenient if there were a link between these [1] >> and [2]. WDYT? >> > Not only introspection this is common to any REST API exposed by Identity > Server. > +1 for having a link to [2]. > >> >> Highly appreciate if someone could point me a sample implementation >> where ClientCertificateBasedAuthentication is used for authentication >> and authorization for IS REST APIs. >> > If this is about client side implementation you can try it from some tool > like SOAPUI. > I'm implementing a client (an oauth-proxy for SPAs) application. There I want to access the introspection REST API to validate the access tokens I obtain on behalf of the SPAs. > >> Also in the documentation giving a sample implementations for all the >> default methods described in [2] would be helpful for both the end-users >> and the community. >> > >> [1] https://docs.wso2.com/display/IS530/Invoke+the+OAuth+ >> Introspection+Endpoint >> [2] https://docs.wso2.com/display/IS530/Authenticating+and+ >> Authorizing+REST+APIs >> >> Best, >> Thilina >> -- >> *Thilina Madumal* >> *Software Engineer | **WSO2* >> Email: [email protected] >> Mobile: *+ <+94%2077%20767%201807>94 774553167* >> Web: <http://goog_716986954>http://wso2.com >> >> <http://wso2.com/signature> >> >> > > > -- > Gayan Gunawardana > Senior Software Engineer; WSO2 Inc.; http://wso2.com/ > Email: [email protected] > Mobile: +94 (71) 8020933 > Best, Thilina -- *Thilina Madumal* *Software Engineer | **WSO2* Email: [email protected] Mobile: *+ <+94%2077%20767%201807>94 774553167* Web: <http://goog_716986954>http://wso2.com <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
