Open alanmcg opened 2 years ago
I could use OAuth2 «Resource Owner Password Credentials Grant» flow (with username and password) with blackbox 0.20.0 using the following config :
oauth2:
client_id: "my_client_app"
client_secret: "my_client_app_secret"
scopes:
- "scope"
token_url: "https://www.example.com/auth/token"
endpoint_params:
grant_type: "password"
username: "test@example.com"
password: "password"
I tested this on a private OAuth2 server, not sure it will work with others :sweat_smile:
I believe those are sent as URL parameters, not in the body, so doesn't solve the problem unfortunately
the oauth2 implementation doesn't seem to support anything other than just client_id and client_secret. I have a system which requires client_id and client_secret plus a username and password to be sent in the body of the request to authenticate.
Is it possible to add the ability to specify the body of the request in the oauth2 implementation?