Last modified by hbpadmin on 2021/06/15 17:59
From version 3.1
edited by messines
on 2020/12/04 11:46
Change comment: There is no comment for this version
To version 4.1
edited by mmorgan
on 2020/12/12 17:00
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.messines
1 +XWiki.mmorgan
Content
... ... @@ -1,13 +1,12 @@
1 1  == Abstract ==
2 2  
3 -With IAM, you have the possibility to log in useing your client_id and your secret to generate an access token.
3 +With IAM, you have the possibility of logging in and using your client_id and your secret to generate an access token.
4 4  
5 -This can be partiuculary usefull in a tier application, you can use **//your_client //**to log in into your app but also then to reach our Drive and Collab API.
5 +This can be particularly useful to access another application. You can use your OIDC client to login to your app but also then to reach other services such as the Collaboratory Drive and Collaboratory API.
6 6  
7 -
8 8  == Configure your OIDC Client ==
9 9  
10 -First thing to do is to configure your OIDC client as a Service account. You juste have to provide **"serviceAccountsEnabled" : true** in the définition of your client. Please have a look to this documentation know [[how to modify your oidc client.>>https://wiki.ebrains.eu/bin/view/Collabs/collaboratory-community-apps/Community%20App%20Developer%20Guide/1.%20Registering%20an%20OIDC%20client/]]
9 +The first thing to do is to configure your OIDC client as a service account. You just have to set **"serviceAccountsEnabled" : true** in the definition of your OIDC client as documented under [[How to modify your OIDC client.>>https://wiki.ebrains.eu/bin/view/Collabs/collaboratory-community-apps/Community%20App%20Developer%20Guide/1.%20Registering%20an%20OIDC%20client/]]
11 11  
12 12  {{code language="json"}}
13 13  {
... ... @@ -26,14 +26,15 @@
26 26  }
27 27  {{/code}}
28 28  
28 +== Generate an access token using client credentials ==
29 29  
30 -== Generate an Access token using client credentials ==
30 +Next, you can generate an access token.
31 31  
32 -==== **Endpoint :** ====
32 +==== Endpoint: ====
33 33  
34 34  https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token
35 35  
36 -==== **Params :** ====
36 +==== Parameters: ====
37 37  
38 38  (% class="box" %)
39 39  (((
... ... @@ -44,9 +44,10 @@
44 44  scope: "The scopes you need and which are available in your client"
45 45  )))
46 46  
47 -{{code language="bash"}}
47 +==== Sample request: ====
48 48  
49 -# Send the get access token request
49 +{{code language="bash"}}
50 +# Request to get an access token
50 50  curl -X POST https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token \
51 51   -H 'Content-Type: application/x-www-form-urlencoded' \
52 52   -d "grant_type=client_credentials&client_id=myclient&client_secret=mysecret&scope=email%20profile%20team%20group%20clb.wiki.read%20clb.wiki.write"