Skip to Content
0

Where to find UAA authorization and token endpoints

Aug 02, 2017 at 02:48 PM

408

avatar image
Former Member

Hi,

I was following the tutorial about setting security artifacts in XS Advanced, but cannot find the OAuth2 urls since this UAA service represents authorization service.

Can you help me find them?

Thanks in advance

uaa
10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

4 Answers

Jamie Cawley
Aug 02, 2017 at 04:39 PM
0

Maybe this will help you

https://docs.cloudfoundry.org/api/uaa/index.html#overview-69051

Regards,

Jamie

Show 2 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Thank you, this will help.

But still I do not have the base url of UAA service on which I can add /auth/token for example.

Where can I find this url?

Thanks in advance

0
Former Member

Also, there is not specified how to create a client (client as a role in oauth2 protocol) in this tutorial.

0
Jamie Cawley
Aug 03, 2017 at 12:56 PM
0

After you have the service bound to your app you should be able to run

xs env <app_name>

which will provide you with a bunch of details.

These may also help you

https://www.youtube.com/watch?v=neBCRSRTa2s

https://help.sap.com/viewer/4505d0bdaf4948449b7f7379d24d0f0d/2.0.01/en-US/17acf1ac0cf84487a3199c51b28feafd.html

Regards,

Jamie

Show 2 Share
10 |10000 characters needed characters left characters exceeded
Former Member

I have obtained a token:

capture.png

But when I try to access my application with this token I get the following answer:

capture1.png

Do you have any clue why is this happening?

Thank you again

capture.png (97.6 kB)
capture1.png (35.8 kB)
0
Former Member

I have to point out that I didn't use the verificationkey which can be found when I run xs env [app-name]. I don't know what is it for.

0
Jamie Cawley
Aug 04, 2017 at 01:16 PM
0

In CLI try running

xs oauth-token

and then use the response to test it. This may also help

https://tongtongl33.wordpress.com/2014/03/03/how-to-login-to-cloudfoundry-via-rest-api/

Regards,

Jamie

Show 2 Share
10 |10000 characters needed characters left characters exceeded
Former Member

This is not related to mine scenario actually. I am using this token to access application which is protected by filter which should check the token passed against the authorization server (xsuaa service).

xs oauth-token command returns token which was used to login the user to the server via cli, and is of grant_type 'password'.

On the other side, I am implementing 'authorization code' grant type. That's why I cannot pass this 'password' token in header when accessing my application.

Thank you

0
Former Member

I think that this 'verificationkey' value has to do something with this. Can you help me to understand what is it used for?

0
Sergei Zagoskin Oct 23, 2017 at 11:32 PM
0

Hi Nicola,

It's very interesting topic. Have you found solution?

Best regards,

Sergei

Show 1 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hi Sergei,

Unfortunately I didn't find the solution. This topic is again relevant to me so if you have any information please share :)

0