oauth-2.0 Questions

Azure – How get access token for another resource using Microsoft OAuth

February 22, 2023
SneakyFoxy
2 Answers

The user logs in with https://login.live.com/oauth20_authorize.srf Parameters: client_id=<CLIENT_ID> response_type=code scope=XboxLive.signin offline_access redirect_uri=<REDIRECT_URL> And gets an authorization_code M.R3_BAY.5530f5eb... When using: https://login.live.com/oauth20_token.srf grant_type=authorization_code client_id=<CLIENT_ID> scope=Xboxlive.signin Xboxlive.offline_access code=M.R3_BAY.5530f5eb... redirect_uri=https://localhost/oauth_success client_secret=<CLIENT_SECRET> Getting access_token and refresh_token. I want to use one of these tokens to…

VIEW QUESTION

Google Login fails: either I get an error about an unlisted "redirect_uri" value or I get redirected to localhost which also fails – Nginx

February 5, 2023
plutownium
2 Answers

I am trying to enable users to log into my page using Google Social Sign On. This worked in development and now I am going to production with it. It is a resume project. To start the login process I…

VIEW QUESTION

Why is my flutter app not handling Spotify's API authorization after signing in?

February 5, 2023
Tabiat1739
2 Answers

I'm making a flutter app using Spotify's API. I have a basic homepage that uses a button to launch a browser to login to Spotify. Here is my backend code: import 'dart:convert'; import 'package:http/http.dart' as http; import 'package:flutter/material.dart'; import 'package:url_launcher/url_launcher.dart';…

VIEW QUESTION

Mongodb – [next-auth][error][adapter_error_getUserByAccount]; Cannot read properties of undefined (reading 'findUnique')

February 5, 2023
Velislav Dimitrov
3 Answers

I am making a sign up page with 3 providers (Twitter, Facebook and Instagram) using next-auth and prisma with mongoDB. The issue appears when I try to sign up with any of the providers. Here is my nextauth.js file. import…

VIEW QUESTION

Single app registration in Azure for mobile app calling own backend

January 31, 2023
metalheart
2 Answers

I want to authenticate users with Azure Active Directory (AD) in a mobile app that calls its own REST API and possibly, make it simple. Looks like the documented way (here or here) to do so is to register the…

VIEW QUESTION

Understanding OAuth2 process with SSO in microservices world

January 5, 2023
BartekN
3 Answers

I'm currently learning about OAuth2. I went through two different courses and none of them answered how OAuth should be implemented in microservices world. Let's say there is an app for uploading photos after user registration. I would let users…

VIEW QUESTION

Azure – Why IdToken is a JWT in OIDC?

December 22, 2022
DaniloMourelle
2 Answers

I was reading this question How to verify that the idToken is valid and watching this vídeo https://www.youtube.com/watch?v=M4JIvUIE17c and I got me wondering... Why id token is an JWT if it's meant to be used by the client. Why not…

VIEW QUESTION

SpringBoot + AWS Cognito configuration, I need some clarification

November 25, 2022
LurenzZ
2 Answers

I'm trying to start a new simple project with SpringBoot using AWS Cognito for authentication/authorization Following some guide on web i found some different configuration, for example: https://www.baeldung.com/spring-security-oauth-cognito https://wilkom2009.hashnode.dev/how-to-secure-spring-boot-rest-api-endpoints-with-amazon-cognito In the Baeldung is used only the spring module spring-security-oauth2-jose while…

VIEW QUESTION

Azure – Microsoft Graph – OAuth2.0 flow for React client and spring-boot backend

November 24, 2022
user2779450
2 Answers

I am building a React-based SPA that communicates with a spring-boot backend via a REST API. I need the user to be able to log into their Microsoft account on the browser client (the SPA) and I need the backend…

VIEW QUESTION

Oauth2 refresh_token doesn't exists – PHP

November 12, 2022
user19818308
2 Answers

I use below code but when I login via Microsoft account I don't receive refresh_token. Someone can explain why? $login = 'https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxxxxxxxxx/oauth2/v2.0/authorize?'.http_build_query([ 'client_id' => $id, 'scope' => 'https://outlook.office.com/IMAP.AccessAsUser.All', 'redirect_uri' => $redirect, 'response_type' => 'code', ]);

VIEW QUESTION