Hi Shib, Redirection URL should be the url of the OAuth application requesting the access token.
Following document[1] contains an example explaining an application (WSO2 playground) obtaining the access token with implicit grant type. Please go through the document for further details. [1] https://docs.wso2.com/display/AM210/Implicit+Grant Thanks, DinushaD On Mon, Jun 11, 2018 at 9:49 PM, shibsankar <[email protected]> wrote: > Okay. I guess there is no user validation APIM API then. No problem. > > > I would like to try your suggestion > > *" ...I think it would be best to use implicit grant type for this > purpose. Basically, when someone wants to login to the your application > they will be redirected to APIM which they will prompt the login screen..."* > > What is the APIM redirection url? Is it this URL ? https:// > <wso2-server-public-ip>:9443/carbon/admin/index.jsp > or > some other url? > > > > *"...After successful authentication, they will obtain a token and > redirect back to your application. "* > > How to configure here to obtain token and redirect back to my application? > Could you please post configuration steps for this part. > > > Regards > Shib > > > > > > > > > > > <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> > Virus-free. > www.avast.com > <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> > <#m_590248786326008946_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> > > On Mon, Jun 11, 2018 at 5:36 PM, shibsankar <[email protected]> wrote: > >> Your suggestion is good, >> >> However, I don't want to redirect my application to APIM and prompt the >> login screen. >> >> Rather, *as an alternative*, I'd like to invoke user validation APIM >> API ( *exist ?*) for authentication. Do we have user validation >> APIM API? >> >> >> >> *something like this ...* >> >> >> // invoke APIM LDAP user authentication API >> >> *// Request JSON payload data:* >> >> { >> "credentials": { >> "username": "userx", >> "password": "mypass" >> } >> } >> >> *// Response data:* >> >> { >> "response": { >> "status": "true" >> } >> } >> >> >> Do we have similar such facility? >> >> Regards >> Shib >> >> >> >> On Mon, Jun 11, 2018 at 5:01 PM, Harsha Kumara <[email protected]> wrote: >> >>> >>> >>> On Mon, Jun 11, 2018 at 2:57 PM shibsankar <[email protected]> wrote: >>> >>>> Let me explain in detail what I plan to achieve. >>>> >>>> >>>> Step 1: User will login to my web application (angular js front end). >>>> >>>> *Step 2: I want to validate these users against LDAP User Store >>>> configured in WSO2* >>>> >>> I think it would be best to use implict grant type for this purpose. >>> Basically when someone want to login to the your application they will be >>> redirect to APIM which they will prompt the login screen. After successful >>> authentication they will obtain a token and redirect back to your >>> application. >>> >>>> Step 3: Once these users are authenticated, I plan to invoke token API >>>> with password grant to obtain an OAuth 2 token. >>>> >>>> Step 4: Once I receive the OAuth2 token, I would invoke APIM to get a >>>> response from backend rest API. >>>> >>>> >>>> I'm at *Step 2. * Can we authenticate logged in users against WSO2 >>>> LDAP user store? whats the curl command for this? >>>> >>>> Regards >>>> Shib >>>> >>>> >>>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> >>>> Virus-free. >>>> www.avast.com >>>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> >>>> <#m_590248786326008946_m_-2480271623769723822_m_8422013387296300243_m_4987511863897348861_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> >>>> >>>> On Mon, Jun 11, 2018 at 2:34 PM, Dinusha Dissanayake <[email protected] >>>> > wrote: >>>> >>>>> Hi Shib, >>>>> >>>>> I guess you are authenticating the user to perform certain operations >>>>> in APIM through rest APIs ?. >>>>> Please refer the documentation[1] which includes details of our REST >>>>> APIs (store/publisher and admin portal). There it has explained what you >>>>> have to do to get the necessary access tokens before invocation those rest >>>>> APIs. Please refer the "Getting started" section of any of the subsections >>>>> (eg [2] ) for necessary details. >>>>> >>>>> [1] https://docs.wso2.com/display/AM210/RESTful+APIs >>>>> [2] https://docs.wso2.com/display/AM210/apidocs/store/#guide >>>>> >>>>> >>>>> >>>>> On Mon, Jun 11, 2018 at 2:21 PM, shibsankar <[email protected]> wrote: >>>>> >>>>>> I have configured LDAP as a User Store in WSO2 (*screenshot attached*). >>>>>> This is okay. >>>>>> >>>>>> Now I plan to send an LDAP user id & password through *Postman *to >>>>>> WSO2 server to verify successful authentication. >>>>>> >>>>>> Could you please tell which WSO2 URL to invoke and what parameters to >>>>>> pass through *Postman* to test successful authentication? >>>>>> >>>>>> Regards >>>>>> Shib >>>>>> >>>>>> >>>>>> On Mon, Jun 11, 2018 at 12:46 PM, Dinusha Dissanayake < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Shib, >>>>>>> >>>>>>> Yes you can. But you may need to configure LDAP as a user store >>>>>>> first. >>>>>>> >>>>>>> Please follow the document[1] to configure use stores. >>>>>>> >>>>>>> [1] https://docs.wso2.com/display/AM210/Configuring+User+Stores >>>>>>> >>>>>>> Thanks, >>>>>>> DinushaD >>>>>>> >>>>>>> On Mon, Jun 11, 2018 at 12:42 PM, shibsankar <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> I have an LDAP with user credentials. >>>>>>>> >>>>>>>> Can I use LDAP user credentials as password grant to generating >>>>>>>> Oauth 2 token? >>>>>>>> >>>>>>>> >>>>>>>> *Please see the screenshot attached.* >>>>>>>> >>>>>>>> Regards >>>>>>>> Shib >>>>>>>> >>>>>>>> >>>>>>>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> >>>>>>>> Virus-free. >>>>>>>> www.avast.com >>>>>>>> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> >>>>>>>> <#m_590248786326008946_m_-2480271623769723822_m_8422013387296300243_m_4987511863897348861_m_5925729601328441019_m_4045808147317074170_m_3545910350936696630_m_-7733728954474898531_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Dinusha Dissanayake >>>>>>> Software Engineer >>>>>>> WSO2 Inc >>>>>>> Mobile: +94712939439 >>>>>>> <https://wso2.com/signature> >>>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Dinusha Dissanayake >>>>> Software Engineer >>>>> WSO2 Inc >>>>> Mobile: +94712939439 >>>>> <https://wso2.com/signature> >>>>> >>>> >>>> >>> >>> -- >>> Harsha Kumara >>> Associate Technical Lead, WSO2 Inc. >>> Mobile: +94775505618 >>> Blog:harshcreationz.blogspot.com >>> >> >> > -- Dinusha Dissanayake Software Engineer WSO2 Inc Mobile: +94712939439 <https://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
