Most voted "oauth2" questions
Oauth 2.0 is an authorization protocol that enables applications to access data mutually. Game applications can access your Facebook account, for example, or a local application can access Foursquare data.
Learn more…85 questions
Sort by count of
-
41
votes2
answers21537
viewsOauth - What is it? What is its purpose?
What is Oauth? What is its purpose? What does he do? There are other alternative technologies to it?
-
10
votes1
answer2093
viewsOWIN and Oauth What are they and how to use them?
I am seeing Webapi tutorials with authentication/ authorization and I came across these two concepts, although explained in the tutorials the settings are not clear. Even searching the web, the…
-
10
votes0
answers987
viewsOauth 2 authentication server in ASP.NET Web API
The company I work with develops internal applications, but for policy reasons, we will have a subdomain to handle authentications such as: login.dominio.com.br where you will have an app…
-
8
votes1
answer464
viewsHow to securely pass token after authentication to angular application
I am developing an Angular Addin for outlook - Office365 for a management application "Jasmin Software". The application is divided into two parts, A 1 is a javasscript application to handle…
-
7
votes1
answer803
viewsHow can a WEB application that uses Oauth for authentication manage the user session?
Usually sessions are used to keep data of a particular user after they have logged into the WEB application, and it is the WEB application that is responsible for controlling and managing that data…
-
6
votes2
answers1296
viewsOpen ID Connect and Oauth 2
Last year researching a bit about authentication on API's REST I’ve heard of OAuth and saw many recommendations regarding it. I read a little on the subject, liked the same and started using it with…
-
5
votes2
answers15150
viewsError login facebook
When I try to log in facebook through my application, gives the error: Blocked URL: Redirect failed because the Url used is not in the release list in the client’s Oauth settings application. Check…
-
4
votes2
answers5680
viewsHow to authenticate a user in an android app that uses Facebook login
I’m creating an Android app where the user will have to register to have access to the application content (a login). For this, I use by default the famous Facebook Login. When the user logs through…
-
4
votes1
answer632
viewsOauth API authentication with external provider
When we use Oauth we have the "authorization server" and the "resource server". The resource server is the server on which the API is, that is, this is where the interface to the resources we want…
-
4
votes1
answer348
viewsValidation of quantity of sessions with spring boot and spring security
I need to validate the number of sessions that may exist, so that the user cannot log into two places at the same time with the same credentials. Reading the Spring Security documentation and posts,…
-
4
votes1
answer744
viewsWhat are the dangers of keeping the Oauth2 token on the frontend?
I believe I am paranoid, but I could not find any situation similar to mine (if you know pass me the link, I am grateful) so I wanted to ask this question to get a definitive answer. Before the…
-
3
votes1
answer1101
viewsCookies or Session by Javascript
I’m working on a project, and the back-end (java), is totally separate from the front-end, and they communicate through REST. My question is, let’s start working on the authentication area, and I…
-
3
votes0
answers360
viewsHow to authenticate a javascript application (browser) in a PHP API?
Personal, I’m looking to develop a PHP API (Laravel) to consume it both on my SITE (angular) and on the mobile applications I’m still developing. However, I am having trouble implementing a secure…
-
3
votes1
answer168
viewsAccess token storages (JWT token)
I am facing the need to store the access token of a user who logged in through a method with Oauth2, this JWT token will be used for my frontend application, written in React, make calls to an API…
-
3
votes0
answers77
viewsAre web security standards insufficient?
Well, above all, in addition to the issue I will raise here, I would also like to raise a debate, the security standards for system authentication are not insufficient? Context of the problem: I…
-
2
votes1
answer125
viewsStruts2 with Spring Security Oauth2 plugin
I wonder if it is possible to use the Oauth2 plugin of Spring Security with Struts2 or if this plugin has some restriction that only allows to work in Springmvc?
-
2
votes1
answer495
viewsWhat security breaches were found in Oauth 2.0?
Yesterday I read that text saying that serious security flaws have been found in Oauth. The content of the text, in particular, makes it seem like you can’t use Oauth, no way. The problem with this…
-
2
votes1
answer312
viewsReceive Token through Webrequest?
Guys is there any way I can generate a token through a Webrequest? Because every time I use the Google Drive function I need to open the authentication page only to generate the Access Token, there…
-
2
votes1
answer71
viewsOauth v2 in Django 1.4
Friends, I am studying how to implement the Oauth v2 protocol in my application. I’ve done a lot of research here, and I haven’t found anything that could solve my problem. So far I have a database…
-
2
votes0
answers483
viewsSpring Security Oauth2 in API Rest
Good morning. I have a Web Service Rest implemented and I am working on the security of it at the moment. This Web Service has been implemented using Spring Boot. Initially I will have as customers…
-
2
votes1
answer108
viewsError while logging in using Facebook
Trying to login through facebook I come across the following error: Server Error in Application '/'. Undefined object reference for an object instance. Description: An untreated exception occurred…
-
2
votes0
answers159
viewsSpring secutity Oauth2
It generates the token { "access_token": "0b42ea14-6a21-44fc-9f65-df60f9130542", "token_type": "bearer", "refresh_token": "3653d5f8-161a-4ee2-b3b5-df9e1da4b9a7", "expires_in": 498, "scope": "bar…
-
2
votes2
answers141
viewsUnable to regenerate a secret client in Jasmin
By accessing Jasmin Nitrogen and upgrading a Credentials Client-type authorization system it is not possible to regenerate the client secret. There is currently an error that secret there is no. The…
-
2
votes1
answer625
viewsGet specific login data through facebook
I am seeking to implement authentication through the facebook. Where I want to get more data audiences. I already have the default authentication set up. But I need something else, because it only…
-
2
votes0
answers83
viewsQuestions about Oauth and Tokens in an API
Before, I’d like to contextualize my scenario: I am a student in the field who has huge passion for mobile development and recently I have seen the need to create my own API’s to enable conversation…
-
2
votes0
answers85
viewsDoubts about authentication for a Java application with Spring Security (stateless)
I will start a new project and came to doubt regarding the best way to work the authentication/authorization part. The project will be developed in Java with spring (boot), backend and frontend…
-
1
votes0
answers243
viewsAdd oauth to API with traditional authentication
When the user opens the site, it is redirected to the login form where the authentication takes place. On the server side the credentials are checked and a session is created, so that the…
-
1
votes1
answer358
viewsWhat’s the relationship between Oauth and Rest?
good night. I would like to use the API of a particular website (Paid Market to be specific) to build an application. Studying a little of their documentation I saw that their API is based on Rest…
-
1
votes1
answer258
viewsWhat techniques can be used to authenticate in REST applications?
I’m developing an application Restful in PHP, I need to do an authentication mechanic on that system, so client applications can consume your data. What techniques can be used to authenticate…
-
1
votes0
answers56
viewsRuby Adwords API returning Authenticationerror.OAUTH_TOKEN_HEADER_INVALID
I’m using: gift omniauth omniauth-google-Oauth2 google-Adwords-api and catch the token by the callback of the oauth: class OmniauthCallbacksController < Devise::OmniauthCallbacksController def…
-
1
votes0
answers36
viewsDisconnect Logged-in User with Oauth Facebook, Google and Twitter
When the user asks to disconnect from my application of one of these social networks: Facebook, Google or Twitter, it is necessary to send some kind of request to API? Or I can just mark a flag as…
-
1
votes0
answers47
viewsQuick-start sample app for PHP
I’m making a website and want to implement Google login using Quick -start sample app for PHP. Yet when I turn the page signin.php the option to log in via Google+ appears, but when logging in I…
-
1
votes1
answer84
viewsManually create client_secret in PHP for Laravel + OAUTH2
Problem: I have an application with auto-installer. When the user sets up your account, I would like to manually register it in the table oauth_clients, already with a secret of his own. If I do…
-
1
votes1
answer1463
viewsHow to authenticate an Oauth 2 connection to Postman?
My API uses in the backend Rails 5 to Gem devise_token_auth (omniauth) for authentication. The frontend is using ng-token-auth (Angular 1.x). I have all API requests on Postman. I did the security…
-
1
votes0
answers30
viewsPHP opauth facebook
I am making attention with facebook using opauth.org slim3 framework. I’m not getting the sex. I get the other data: test site Does anyone know if there is a syntax error? $gender =…
-
1
votes1
answer428
viewsSave Token to User Machine
I made an integration with the GoogleDrive and by doing all the authorization on the consent screen, it creates a token in the appdata user, however I put this application in Azure in a VM. Only…
-
1
votes1
answer66
viewsasmx authentication
I have an asmx webservice that contains functions of Insert, delete, update, select, I am consuming it via ajax, because my application cannot work on the server side. My question is how can I…
-
1
votes1
answer139
viewsSend External Login Data to Controller
I need to login through Facebook, I have the login page, which renders a @Html.Partial _Loginexternal Follow the code of both: @using EuVotoAf.Models @model LoginViewModel @{ ViewBag.Title = "Log…
-
1
votes1
answer78
viewsLogical help with PHP using Twitter API
Well, here’s the idea, I’m using API from Twitter to authenticate users, I am using the following feature: https://twitteroauth.com. I used this video to help me authenticate, it’s exactly the same:…
-
1
votes0
answers85
viewsLaravel 5.4 Passport - Authentication 3rd party login
I have this system that I developed. It is developed in reactjs + Redux + sagas in frontend and RESTFUL API in backend in Laravel. BUT in the company in which I work there is a requirement that the…
-
1
votes2
answers60
viewsHow can I ensure that my API will only be used for the features I want it to use?
Hello, I have the following question. I have an application that will be used by several companies, each company will have a number of employees (users only company) and I have common users…
-
1
votes0
answers87
viewsProblems with Google API authentication in Ruby
I’m developing a Ruby API that communicates google-api-ruby-client but when trying to authenticate I get some errors. example of my code: class GoogleService require 'googleauth' require…
-
1
votes2
answers265
viewsToken Webapi C# Auth
I am issuing token, but at the moment make a request with the token, returns the following message: "Message": "Authorization has been denied for this request." I am passing user and static password…
-
1
votes0
answers69
viewsGroovy with Oauth2
We are developing a call to an SMS sending Web Service that uses Oauth2 authentication. This development is being carried out in groovy. We searched in several forums how to elaborate the call,…
-
1
votes0
answers31
viewsLoad JWT Signature key from a dynamic base
I implemented an Authorization Server using AuthorizationServerConfigurerAdapter and users and customers are configured from the implementation of services UserDetailsService and…
-
1
votes1
answer52
viewsAdd message in Oauth reply
I created a web api with token validation that works correctly, my problem is: I would like to put a message after the mandatory information, I leave attached an example image(I would like to add…
-
1
votes0
answers38
viewsProblem with Oauth2 and PHP to enter with Facebook
On my site I have the option to login with your Facebook account to store your creations and etc.. It always worked well after implementation, however, without any changes in data or files,…
-
1
votes0
answers15
viewsUBER API, authentication scope
During Dashboard Uber configuration the privilege scopes are not displayed, but during authentication call to obtain the access token at least one scope is required. The configuration screen always…
-
0
votes1
answer129
viewsSpring Security Oauth2 Plugin with Json Tokens
Can anyone tell me if the Spring Security Oauth2 plugin supports access tokens in JSON format instead of XML format? And if yes what needs to be done to make that change?
-
0
votes1
answer782
viewsOauth vs Conventional login system authentication. Which to use?
Imagine the following scenario: You are setting up a project where anyone can register with basic data (name, photo, age) to use your product. And as it is on the internet there is no way to predict…