search

RADAR-base / RADAR-Rest-Source-Auth

A simple application to support authorization of wearable devices using OAuth using a webservice with REST Endpoints.
https://radar-base.org/
Apache License 2.0
1 stars 0 forks source link

pass client_id in token_request #263

Closed Bdegraaf1234 closed 4 months ago

Bdegraaf1234 commented 4 months ago

adapt the token request in the front end to accomodate ory

Bdegraaf1234 commented 1 week ago

@mpgxvii

hydra does want or at least allows the client_id in the post request https://www.ory.sh/docs/hydra/reference/api#tag/oAuth2/operation/oauth2TokenExchange

The complete technical spec for oauth can be found here, I linked the section on the authorization code grant, it looks like if you authenticate with basic you don't have to provide the client ID in the post request but you can.

This is the commit where I messed with the token endpoint, it is a bit hacky so I am happy it will be removed, but I think the implementation on the RSA side stands :)

mpgxvii commented 1 week ago

@Bdegraaf1234 Oh okay I see. Thanks for the clarification! :)