Reputation: 11
WSO2: How admin can generate user access token without user password
I'm trying to implement OTA (one time access) using WSO2 (IS 5.7.0, AM 2.5.0, EI 6.4.0), and I need to find a way to generate user access token.
I have tried:
using admin service for password recovery. Disadvantage is email template is bound to password reset, but OTA is not a password reset scenario, so using password recovery email template will be spoiled.
find admin service that generate user access token, but nothing was found
find WSO2 extension\plugin, but nothing corresponding was found
using OTP, but met an error like this: https://github.com/wso2/product-is/issues/1860
Upvotes: 1
Views: 408
Answers (2)
Reputation: 120
You can write a custom grant handler, to authenticate user, not via password, but using something he has unique(mobile no, email, etc) as per your requirement and generates an access token from that grant.
You can easily do a token call to WSO2 Identity Server through your custom grant and get the access token.
You can check out for more details in [1]
[1] https://docs.wso2.com/display/IS570/Writing+a+Custom+OAuth+2.0+Grant+Type
Upvotes: 0
Reputation: 12513
Even admins are not allowed to generate tokens for a user without their consent.
For one-time password, this should work. https://docs.wso2.com/display/IS570/Configuring+Email+OTP
Upvotes: 1
Related Questions
- WSO2 Token generation without password
- configuration only auth in Wso2
- How to authenticate WSO2IS User management APIs without password in Java
- wso2 calling API's without token
- WSO2 API Manager, is it possible to disable the access-token mechanism
- Server to Server Authentication in wso2 API manager
- WSO2: How to get user access token by API in a SSO setting environment with API-M and Identity server?
- WSO2 Api Manager using 3rd party authentication service to generate access tokens
- WSO2 APIM Authentication
- WSO2 API Manager Authentication