This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Try Request Path Authentication
This section demonstrates the use of the basic auth request path authenticator and the OAuth request path authenticator with the WSO2 playground sample. Follow the instructions below to try out this scenario (Steps 1-6 are common for both authenticators). See Request Path Authentication for more information.
- Start the WSO2 Identity Server and log into the management console.
- Navigate to Service Providers>Add, enter a name for the new service provider and click Register.
Expand the Inbound Authentication Configuration section, then the OAuth2/OpenID Connect Configuration and click Configure. For more information, see Configuring OAuth/OpenID Connect.
Use the following Callback URL when configuring OAuth for WSO2 playground: http://wso2is.local:8080/playground2/oauth2client
- Click Add and take note of the Client Key that is generated as you will need this later on.
- Expand the Local & Outbound Authentication Configuration section and then the Request Path Authentication Configuration section.
- Select the relevant authenticator for request path authentication from the drop-down and click Add.
- Select basic-auth for the basic auth request path authenticator.
- Select oauth-bearer from the drop-down for the OAuth request path authenticator.
- Click Update to save changes to the service provider.
- Now you can use Playground sample application to test the configured request path authenticator. Start the tomcat server and visit the URL http://wso2is.local:8080/playground2/oauth2.jsp.
- Fill in the details on the screen that appears according to the local authenticator you selected for request path authentication. Identity Server will not prompt the login page since it can authenticate the user from the information available in the request.
- Authorization Grant Type: Authorization Code or Implicit
- Client ID: (the client id received at the application registration)
Callback URL: http://wso2is.local:8080/playground2/oauth2client
Access Token Endpoint: "https://localhost:9443/oauth2/token"
Authorize Endpoint: https://localhost:9443/oauth2/authorize?sectoken=
<sec_token>
The sectoken in the Authorize Endpoint will be the
username:password
in Base64 encoded format. You can use a Base64 encoder to encode this. For instance, the username and password admin:admin, is "sectoken=YWRtaW46YWRtaW4=".
- Authorization Grant Type: Resource Owner (password grant)
- Client ID: (the client id received at the application registration)
- Client Secret: (client secret received at the application registration)
- Resource Owner User Name: (username)
- Resource Owner Password: (password of the user)
Callback URL: http://wso2is.local:8080/playground2/oauth2client
Access Token Endpoint: https://localhost:9443/oauth2/token
Once you receive the access token, you can use the following Access Token Endpoint:
https://localhost:9443/oauth2/authorize?access_token=<access_token>