Reputation: 977
How do I obtain an OAuth token from WSO2 using the Consumer Key/Secret?
I am very new to WSO2 and am still evaluating it - mostly through Fiddler. It is my understanding that I should be able to obtain an OAuth token by calling WSO2's Login API. I have attempted various URLs (in Fiddler) along the lines of:
// Based off a blog post : http://lalajisureshika.blogspot.com/2012/11/generate-application-tokens-user-tokens.html
http://localhost:8280/login?grant_type=password&username=admin&password=admin&scope=PRODUCTION
Authorization: Basic cFNET0lab1RnMHRBODRCWmQ4bTRBbnp1c0RZYTpZREIzZzh3RXhQOV92ZTdZX1drYVhieWx5ZlVh
When I execute the above URL, I receive (403) No matching resource found in the API for the given request.
I can use the the "Access Token" (via the Bearer tag) and the APIs work. I just can't figure out how to obtain the OAuth token for actual runtime use.
Any pointers/ideas?
--- Thanks, Jeff
Upvotes: 1
Views: 3573
Answers (4)
Reputation: 3753
Setup Identity Server [domain:9443] Create OAuth2 application, and get client id , consumer key and url.
Process post request by using 'poster' with bellow details ,
URL :- which get from oauth application
Content Type :- application/x-www-form-urlencoded
body:- grant_type=password&username=your username&password=your password&client_id=your client id&client_secret=your client secret
Upvotes: 0
Reputation: 1046
Below is an example using cURL tool available in linux by default ( you can install cURL for windows explictly)
curl -v 4 -X POST -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=password&username=&password=&client_id=&client_secret=" https://:9443/oauth2/token
to obtain the client_secret & client_id you have to register a app in wso2is.
There are free tools available to construct the above request or directly use the above parameters and to get the token.
Upvotes: 0
Reputation: 249
- Setup Identity Server [
domain:9443] - Create OAuth2 application, and get client id + consumer key
- Get Base64 encoded of clientId:consumerKey - replace this for Authorization Basic xxxxx
- Replace the REST endpoint for token generation - This you should get in oauth application on management console [in our case
https://domain:9443/oauth2/token]
And below curl command should give you the response
curl -k -d "grant_type=password&[email protected]&password=xxxx1234" -H "Authorization" -H "Authorization: Basic X2dhWllidkN6TDNQY2ZqSmVBQ1lsNlg2SFdRYTpSQVlSMmxOZzQ0enU5ZXVGSDRDVXdOUWRudlVh, Content-type=application/x-www-form-urlencoded" https://domain:9443/oauth2/token
Upvotes: 2
Reputation: 431
You can directly access OAuth2 REST web service to access the token.Here is how you can access token using curl
curl --user ConsumerKey:ConsumerSecret -k -d "grant_type=password&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2endpoints/token
Upvotes: 0
Related Questions
- How to pass authorization header in WSO2 OAuth2 and its backend API server Oauth2?
- Retrieve user access TOKEN from WSO2 Api Manager
- How to implement Oauth2 without sending client_secret in WSO2 APIM
- wso2 API-M 3.0 - how to get oauth token for product/admin api calls
- wso2 API-M : how to get a token by using wso2 API-M store rest api
- OAuth2 authorization code PKCE without client_secret (wso2 5.3.0 IAM)
- WSO2 api manager with keycloak auth server
- WS02 AM - Getting ClientId and Client Secret programatically
- how to get access token using the consumer-key and consumer-secret in wso2 AM
- WSO2 IS OAuth2 Resource owner password - getting access token