Changes for page 2. Authenticating with your OIDC client and fetch collab user info
Last modified by messines on 2021/06/08 17:32
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki.m essines1 +XWiki.mmorgan - Content
-
... ... @@ -42,16 +42,8 @@ 42 42 The **scope** parameter can include a combination of several values. Each user will be asked to consent to sharing that scope with your app upon first access. 43 43 44 44 * **openid: **This scope is required because we use the OIDC protocol. It will give your app access to the user's basic information such as username, email and full name. 45 -* **profile** (optional): More information on user if provided by the user 46 -* **email **(optional): The verified email of the user, should be add in addition of openid and/or profile to get the email. 47 47 * **group **(optional)**: **If you request this scope, the future access token generated will authorize your app to identify which units and groups the user belongs to. 48 48 * **team **(optional)**: **This scope is like the group scope lets your app identify the permissions of the user, but by identifying what collabs the user has access to and with what roles. 49 -* **clb.wiki.read **(optional): access to GET Collab API 50 -* **clb.wiki.write** (optional): access to DELETE/PUT/POST Collab API 51 -* **clb.drive:read **(optional): access to GET Drive API 52 -* **clb.drive:write** (optional): access to DELETE/PUT/POST Drive API 53 -* **collab.drive **(optional): former scope, should be use if clb.drive is not enought 54 -* **offline_access **(optional)**: **provide refresh token 55 55 56 56 {{info}} 57 57 The group and team scopes are a simple way for your app to grant permissions to its services and resources when you want to grant access to a very few units, groups, or collab teams. For more complex permission management, contact support. ... ... @@ -75,7 +75,7 @@ 75 75 76 76 ==== Request ==== 77 77 78 -/POST: [[https: ~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token>>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token]]70 +/POST: [[https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token>>url:https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token]] 79 79 80 80 with the following parameters: 81 81 ... ... @@ -117,7 +117,7 @@ 117 117 118 118 ==== Request ==== 119 119 120 -/GET: [[https: ~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo>>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo]]112 +/GET: [[https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo>>url:https:/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/userinfo]] 121 121 122 122 with the following parameters: 123 123