Attention: Due to an upgrade beginning on Friday, the 22nd August 2025, any new collabs, groups and any changes to teams will not be kept beyond the weekend. User creation will also be disabled during this time. The actual upgrade will take place on Wednesday, 27th August. On that day, any service requiring a Keycloak login will be unavailable for the duration of the upgrade. Thank you for your understanding as we complete this important work.

For the duration of the maintenance period, Collaboration and Group creation features will be temporarily disabled and will return HTTP 503 Service Unavailable errors until further notice.


Last modified by messines on 2021/06/08 17:32
From version 2.1
edited by messines
on 2020/07/15 17:50
Change comment: Uploaded new attachment "Screenshot 2020-07-15 at 17.47.12.png", version {1}
To version 2.2
edited by messines
on 2020/07/15 18:03
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -6,5 +6,54 @@
6 6  
7 7  The client is confidential with a secret, you obtain it throught the registering oidc client tutorial above.
8 8  
9 +[[image:Screenshot 2020-07-15 at 17.47.12.png]]
9 9  
11 +
12 +The whole authentication flow presented here is based on the official OAuth2 rfc describe in the section 4.1
13 +
14 +[[https:~~/~~/tools.ietf.org/html/rfc6749#section-4.1>>https://tools.ietf.org/html/rfc6749#section-4.1]]
15 +
16 +== Authentication flow ==
17 +
18 +=== Authorization Code Grant ===
19 +
20 +==== Request ====
21 +
22 +/GET on [[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth >>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth]]
23 +
24 +with query parameters
25 +
26 +* response_type=code
27 +* client_id=community-apps-tutorial
28 +* redirect_uri=[[https:~~/~~/www.getpostman.com/oauth2/callback>>https://www.getpostman.com/oauth2/callback]]
29 +* login=true
30 +* scope=openid+group+team
31 +
32 +so
33 +
34 +[[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth?response_type=code&client_id=community-apps-tutorial&redirect_uri=https:~~/~~/www.getpostman.com/oauth2/callback&login=true&scope=openid+group+team>>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth?response_type=code&client_id=community-apps-tutorial&redirect_uri=https://www.getpostman.com/oauth2/callback&login=true&scope=openid+group+team]]
35 +
36 +Of course replace **client_id** and **redirect_uri** with your own configuration
37 +
38 +This will redirect you to the login page of **iam **where your user must enter they username/password
39 +
40 +==== Scope ====
41 +
42 +In the request you can see a scope **parameter**
43 +
44 +* **openid : **This scope is required in oidc, it contains basic information of the user such as it username, email and full name.
45 +* **group **( optional ) **:**
46 +
47 +==== Response ====
48 +
49 +After the loggin, you got a 301 redirection and 200 success http response with a **code** inside
50 +
51 +[[https:~~/~~/www.getpostman.com/oauth2/callback?session_state=a0ff8a68-2654-43ef-977a-6c15ce343546&code=f3f04f93-hbp-482d-ac3d-demo.turtorial.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7>>https://www.getpostman.com/oauth2/callback?session_state=a0ff8a68-2654-43ef-977a-6c15ce598886&code=f3f04f93-b98d-482d-ac3d-414cead54de0.a0ff8a68-2654-43ef-977a-6c15ce598886.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7]]
52 +
53 +(% class="box infomessage" %)
54 +(((
55 +the code is very important for the next step here the code is //f3f04f93-hbp-482d-ac3d-demo.turtorial.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7//
56 +)))
57 +
58 +
10 10