[ https://issues.apache.org/jira/browse/KNOX-3016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17825846#comment-17825846 ]
ASF subversion and git services commented on KNOX-3016: ------------------------------------------------------- Commit 8f38723bb6b8111eb93b01697e89dd98fb6f59f2 in knox's branch refs/heads/master from Larry McCay [ https://gitbox.apache.org/repos/asf?p=knox.git;h=8f38723bb ] KNOX-3016 - add support for client credentials flow (#876) * KNOX-3016 - add support for client credentials flow > Add Support for Client Credentials Flow with KnoxTokens > ------------------------------------------------------- > > Key: KNOX-3016 > URL: https://issues.apache.org/jira/browse/KNOX-3016 > Project: Apache Knox > Issue Type: Bug > Components: JWT > Reporter: Larry McCay > Assignee: Larry McCay > Priority: Major > Fix For: 2.1.0 > > Time Spent: 1h 10m > Remaining Estimate: 0h > > Adding support for integrations to Knox proxied services and APIs via OAuth > style cllient credentials flow. This allows an integration that is provided a > CLIENT_ID and CLIENT_SECRET to authenticate to Knox and directly access > proxied services with those or exchange those credentials for short lived JWT > based access, id and refresh tokens. > This change introduces only the acceptance of the Knox TokenID and Passcode > tokens as CLIENT_ID and CLIENT_SECRET in a standard OAuth 2.0 client > credentials flow request body. This body will contain the following params: > 1. grant_type and it will be "client_credentials" > 2. client_id which will be the KnoxToken tokenId or KnoxID > 3. client_secret which will be the passcode token for which we store the hash > Authentication using this flow will result in the effective user being what > is provided as the CLIENT_ID. -- This message was sent by Atlassian Jira (v8.20.10#820010)