-
Uncaught exception 'GuzzleHttp\Exception\ClientException' with message 'Client error: `POST http://oauth2-server.dev/token.php` resulted in a `400 Bad Request` response: {"error":"invalid_client","err…
-
Hi,
I am currently developing mobile app and API, using the OAuth2 server with Password grant. I must also implement user login via Facebook and LinkedIn.
As far as I understand I need to develop cu…
-
#### Describe the change
Balloon already has a working Idp (see current situation). But 1st party apps like the web ui and the desktop client use the resource owner grant flow for internal authentica…
-
When i set up my demo according the doc. i met access denied. When i debug it, i found i must set UserAuthorizationHandler.
My question is, when i sent authorization request to get code in oauth2 aut…
-
**Describe the bug**
Im wondering why my JWKS is empty. I have setup a forward auth proxy with traefik, and if i request to
```
https://my-server/application/o/my-app/.well-known/openid-configurati…
-
`oidc-agent` registers new clients trough an unauthenticated request to the IAM registration endpoint. Because of this, a user who approved that client thinks that the `oidc-agent` client should appea…
-
### Q&A (please complete the following information)
- OS: macOS
- Browser: chrome, safari
- Version: chrome 71.0, safari 11.1.2
- Method of installation: dist assets
- Swagger-UI version: 3.…
-
I kept getting the dreaded 'invalid_grant' error from Microsoft Live.
Adjusting the code to no longer send a querystring-polluted callback_uri seems to have solved the issue for me.
-
# Resource Sharing
### Status Quo
Currently, there is no mechanism provided by the security plugin for plugins to utilize to provide fine-grained access control to own resources created by eac…
-
I am trying to allow OAuth2 authentication by passing the client credentials in the body of a `POST` request, by using `allowFormAuthenticationForClients`. I have the following Authorization Server co…