Hi Tharindu, Thank you so much for your response. I already have registered with Google an OAuth app and got client credentials, I will tell my requirement properly below, please suggest me any solution. 1) I obtain WSO2 client credentials in API store for my application. 2) I will also obtain Google OAuth app client credentials. 3) I need to configure WSO2 in such a way that when I request http://localhost:8243/authorize, it should redirect to Google authentication page. 4) User will authenticate with Google and it will redirect to WSO2 to generate authorization code and WO2 will provide me that code. 5) User app then request http://localhost:8243/token to get access token to call my APIs.
Is this possible with some customization or adding a feature that support this flow instead of using Identity Server 5.3.0. On Thu, Dec 7, 2017 at 8:07 AM, Tharindu Edirisinghe <[email protected]> wrote: > Hi Shiva, > > If the external Identity Provider supports SAML based authentication, then > you can do this straight away using only the API Manager 2.1.0. > > For that, you can create an IDP from the Management Console and under the > Federated Authenticators, you can add SAML configuration related to the > external IDP. (See the attached image IDP_Config.png). > > Then, when you have the APIs published from the publisher, you can go the > store, create an application and subscribe for the published APIs. There, > when you generate the Keys for the application, in the Management Console > you can see that a corresponding service provider getting automatically > registered for that application. (See the attached image List_SPs.png). > > Then, in that service provider configuration, under the Local and Outbound > Authentication section, you can link the federated authenticator which you > have already added as an IDP (SAML based). > > This way, when the OAuth request comes to API Manager for generating an > access token for the particular application (service provider), API Manager > will perform the federated authentication flow. > > I have tested this with an external SAML based IDP and it worked. > > If you need to use facebook, by default the facebook federated > authenticator feature is not installed in API Manager. If we can get the > feature installed, then similarly we should be able to get facebook also to > working in the same way. However we haven't tested that out. > > Thanks, > Tharindu Edirisinghe > > > > On Wed, Dec 6, 2017 at 2:32 PM, Shiva Kumar K R <[email protected] > > wrote: > >> Hi, >> >> I have to use Google, Facebook or any third party Identiy provider just >> to authenticate users and giving access to my APIs by generating access >> token in my WSO2. I know Identity server support it but because of resource >> constraints I want this to be achieved through only WSO2 API Manager. Is >> there any work around also please suggest me. >> >> Thank You, >> Shiva Kumar >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > Tharindu Edirisinghe > Senior Software Engineer | WSO2 Inc > Platform Security Team > Blog : http://tharindue.blogspot.com > mobile : +94 775181586 >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
