Last modified by hbpadmin on 2021/06/15 17:59
From version 5.1
edited by hbpadmin
on 2021/06/15 17:59
Change comment: There is no comment for this version
To version 2.1
edited by messines
on 2020/12/04 11:25
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.hbpadmin
1 +XWiki.messines
Content
... ... @@ -1,12 +1,13 @@
1 1  == Abstract ==
2 2  
3 -With IAM, you have the possibility of logging in and using your client_id and your secret to generate an access token.
3 +With IAM, you have the possibility to log in useing your client_id and your secret to generate an access token.
4 4  
5 -This can be particularly useful to access another application. You can use your OIDC client to login to your app but also then to reach other services such as the Collaboratory Drive and Collaboratory API.
5 +This can be partiuculary usefull in a tier application, you can use **//your_client //**to log in into your app but also then to reach our Drive and Collab API.
6 6  
7 +
7 7  == Configure your OIDC Client ==
8 8  
9 -The first thing to do is to configure your OIDC client as a service account. You just have to set **"serviceAccountsEnabled" : true** in the definition of your OIDC client as documented under [[How to modify your OIDC client.>>https://wiki.ebrains.eu/bin/view/Collabs/collaboratory-community-apps/Community%20App%20Developer%20Guide/1.%20Registering%20an%20OIDC%20client/]]
10 +First thing to do is to configure your OIDC client as a Service account. You juste have to provide **"serviceAccountsEnabled" : true** in the définition of your client. Please have a look to this documentation know [[how to modify your oidc client.>>https://wiki.ebrains.eu/bin/view/Collabs/collaboratory-community-apps/Community%20App%20Developer%20Guide/1.%20Registering%20an%20OIDC%20client/]]
10 10  
11 11  {{code language="json"}}
12 12  {
... ... @@ -25,31 +25,4 @@
25 25  }
26 26  {{/code}}
27 27  
28 -== Generate an access token using client credentials ==
29 -
30 -Next, you can generate an access token.
31 -
32 -==== Endpoint: ====
33 -
34 -https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token
35 -
36 -==== Parameters: ====
37 -
38 -(% class="box" %)
39 -(((
40 -**Request Body**
41 -grant_type: "client_credentials"
42 -client_id: "clientId"
43 -client_secret: "clientSecret"
44 -scope: "The scopes you need and which are available in your client"
45 -)))
46 -
47 -==== Sample request: ====
48 -
49 -{{code language="bash"}}
50 -# Request to get an access token
51 -curl -X POST https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/token \
52 - -H 'Content-Type: application/x-www-form-urlencoded' \
53 - -d "grant_type=client_credentials&client_id=myclient&client_secret=mysecret&scope=email%20profile%20team%20group%20clb.wiki.read%20clb.wiki.write"
54 -
55 -{{/code}}
29 +