...
Code Block |
---|
language | bash |
---|
title | Enable brand access check for public endpoints |
---|
|
rest.api.security.public.brand_access_check=true |
When the above parameter is in place, an access token (Authorization: Bearer access_token) must be sent in the request. For public endpoints, an access token can be obtained by using the "client_credentials" grant type.
Trusted app authentication: this corresponds to a "backend" use-case scenario. Authentication is done by validating the username/password against the OAUTH_CLIENT_DETAILS table. A URL example for this scenario (note the grant_type=client_credentials value):
Code Block |
---|
|
https://host:port/appcontext/oauth/token?grant_type=client_credentials&brandKey=a_valid_brand_key |
Code Block |
---|
|
CURL example: curl -v -X POST -u myclientid:myclientsecret http://host:port/appcontext/oauth/token -H "Accept: application/json" -d "grant_type=client_credentials&brandKey=#myBrandKey"
where:
myclientid, myclientsecret are taken from the OAUTH_CLIENT_DETAILS table
#myBrandKey is taken from the Brand table |
Info |
---|
|
Use this scenario in a secure setup (both apps behind a firewall, where only access from the trusted app is allowed). The reason is that the client ID and the client password are sent Base64-encoded (HTTP Basic authentication, as produced by curl -u), and Base64 is an encoding, not encryption. |
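The Info note above in code, as an added example (not from the original page or the product): it builds the same Authorization header that curl -u sends, shows that the header decodes back to the client ID and password without any key, and refuses to send the token request to a non-HTTPS URL. The helper names (require_https, basic_auth_header, decode_basic_auth_header, get_token) are hypothetical, and the credentials are the page's placeholders.

```shell
#!/usr/bin/env bash
# Added example. Function names are hypothetical; myclientid / myclientsecret
# are the page's placeholders, not real credentials.

# Refuse to send client credentials over anything but TLS.
require_https() {
  case "$1" in
    https://*) return 0 ;;
    *) echo "refusing to send client credentials to non-HTTPS URL: $1" >&2
       return 1 ;;
  esac
}

# The header curl -u builds: "Basic " + base64(client_id:client_secret).
# $1 = client id, $2 = client secret
basic_auth_header() {
  printf 'Basic %s' "$(printf '%s:%s' "$1" "$2" | base64 | tr -d '\n')"
}

# What anyone who can read the request can do with that header:
# strip the scheme and decode it. No key is involved.
decode_basic_auth_header() {
  printf '%s' "${1#Basic }" | base64 -d
}

# Request a token with the client_credentials grant; prints the JSON response.
# $1 = base URL (scheme://host:port/appcontext), $2 = client id,
# $3 = client secret, $4 = brand key
get_token() {
  require_https "$1" || return 1
  curl -sS --fail -X POST "$1/oauth/token" \
    -H "Authorization: $(basic_auth_header "$2" "$3")" \
    -H "Accept: application/json" \
    --data-urlencode "grant_type=client_credentials" \
    --data-urlencode "brandKey=$4"
}
```
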
Info |
---|
|
To configure Swagger to use this authentication scenario, an additional parameter has to be set in the Properties.txt file: rest.swagger.auth.flow=client_credentials |
...