Oauth.Us

Client Guide

Creating an OAuth pipeline involves two major steps:

  • Setting up the provider
  • Using a client application to connect to the provider

Provider

Creating an OAuth provider is straightforward and involves the following steps:

Applications

Now that we have our own OAuth provider, we can authenticate users and authorize applications using the standard OAuth2 flow.

For the rest of this guide, let’s assume that our provider has an IP address of 192.168.56.110. To find the IP address of your provider, navigate to the Providers page.

docs/../../../_static/img/info_provider.png

Each Oauth.Us provider comes bundled with several services:

  • A web-based administrative portal
  • A web-based user portal
  • An authorization server
  • An endpoint server

For this guide, we will focus on the authorization server and endpoint server.

Authorization Server

The authorization server is responsible for authenticating users and managing tokens. If you’ve never used OAuth before, we highly recommend reading the OAuth overview first.

In order to initiate an OAuth flow, you’ll need access to the authorization server endpoints. The authorization server runs on port 8080, so we’ll need to append the correct port number to all requests. The auth endpoint is used for the authorization code flow, and redirects a user to an Oauth.Us login page.

GET https://192.168.56.110:8080/auth

In order to actually fetch an access token, you’ll need to issue a POST to the following endpoint:

POST https://192.168.56.110:8080/token

The token endpoint is used for all OAuth flows, including the authorization code flow. Click here learn more about the authorization code flow .

Endpoint Server

Once a user has authorized your client application, your application can then make authenticated requests to fetch resources via the endpoint server. Say that the original resource was located at:

GET $RESOURCE_SERVER/myresource?param1='a'

After registering the endpoint, you can access the same resource via:

GET https://192.168.56.110:8999/api/myresource?param1='a'&access_token='abcd'

Click here too learn more about registering endpoints.