search

SAP / cloud-security-services-integration-library

Integration libraries and samples for authenticating users and clients bound to XSUAA authentication and authorization service or Identity authentication service.
Apache License 2.0
151 stars 135 forks source link

[Improvement] have one doc that describes on how to get an token from Ias/xsuaa #652

Closed nenaraab closed 3 years ago

nenaraab commented 3 years ago

In order to avoid repeating ourselves it might be good to have one central place e.g. /docs/HowToFetchToken.md where we explain on how to get a token from identity or xsuaa service with client secret or with client certificate.

See also here: https://github.com/SAP/cloud-security-xsuaa-integration/tree/main/samples/spring-security-hybrid-usage#access-the-application

nenaraab commented 3 years ago

IAS secret based authn:

curl -XPOST \
  https://<<credentials.clientid>>:<<credentials.clientsecret>>@<<credentials.url>>/oauth2/token \
  -d 'grant_type=password&username=<<your ias user>>&password=<<your ias password>>'

IAS cert based authn:

curl --cert certificate.pem --key key.pem -XPOST \
  <<credentials.url>>/oauth2/token \
  -d 'grant_type=password&client_id=<<credentials.clientid>>&username=<<your ias user>>@global.corp.sap&password=<<your ias password>>'

explain how to get pem encoded files.