Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Genesys Backend
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
19
Issues
19
List
Boards
Labels
Service Desk
Milestones
Operations
Operations
Incidents
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Genesys PGR
Genesys Backend
Commits
4bc1b49e
Commit
4bc1b49e
authored
Nov 06, 2017
by
Matija Obreza
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Documented the password, client_credentials grants
parent
c27257d5
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
39 additions
and
10 deletions
+39
-10
src/main/asciidoc/api/security.adoc
src/main/asciidoc/api/security.adoc
+39
-10
No files found.
src/main/asciidoc/api/security.adoc
View file @
4bc1b49e
...
...
@@ -45,6 +45,9 @@ Most OAuth libraries, including https://gitlab.croptrust.org/genesys-pgr/genesys
Java library, will automatically obtain the access token following the OAuth protocol. This
section describes how to manually obtain the tokens.
==== Authorization Grant
Log-in to Genesys with your account or Google+
Obtain a verifier code by granting access to the "Genesys API reference" client. This is
...
...
@@ -63,6 +66,42 @@ Copy the authorization code: *THECODE* (looks like: 7wXP1r) and from shell, exec
$ curl 'https://sandbox.genesys-pgr.org/oauth/token?grant_type=authorization_code&client_id=CLIENTID&client_secret=SECRET&redirect_uri=oob&code=THECODE'
----
==== Username & Password
The **password grant** is available to trusted, secure clients (e.g. desktop
applications) where the user's password will not be captured or stored -- i.e.
it will be used once.
----
$ curl 'https://sandbox.genesys-pgr.org/oauth/token' --data 'scope=write+read&grant_type=password&username=USERNAME&password=PASSWORD&client_id=CLIENT_ID&client_secret=CLIENT_SECRET'
----
==== Client Credentials
System-to-System integration should not require user interaction. For that
specific purpose, Genesys allows for OAuth 2.0 "Client Credentials" grant.
With Genesys release 2.3 the *Client authentication grant* is also supported.
Kindly contact the helpdesk@genesys-pgr.org for information how to enable
system-to-system integration and to grant your Client the appropriate
permissions on Genesys.
**Note**: The client will be able to modify any data on Genesys on your behalf.
Read the section <<oauth, Client Credential Grant>>.
To obtain a valid (but short-lived) access token, a simple **POST** request to
Genesys is required:
----
$ curl -X POST 'https://sandbox.genesys-pgr.org/oauth/token?grant_type=client_credentials&client_id=CLIENTID&client_secret=SECRET&redirect_uri=oob'
----
This type of grant takes out the **user** authentication and authenticates the
remote system with Genesys, immediately issuing an access token.
==== Successful authorization
The server will respond with access token details in JSON format:
[source,json]
...
...
@@ -97,16 +136,6 @@ or include it in the request URL as a query string parameter:
$ curl 'https://sandbox.genesys-pgr.org/api/v0/me?access_token=OAUTH-ACCESS-TOKEN'
----
=== System-to-System integration
With Genesys release 2.3 the *Client authentication grant* is also supported. Kindly
contact the helpdesk@genesys-pgr.org for information how to enable system-to-system
integration and to grant your Client the appropriate permissions on Genesys.
**Note**: The client will be able to modify any data on Genesys on your behalf.
Read the section <<oauth, Client Credential Grant>>.
=== Using the refresh token
OAuth access tokens have a fairly short lifetime. When an access token expires, the
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment