AnsweredAssumed Answered

DMZ converts client_credential to password

Question asked by Tattwa on Dec 7, 2017
Latest reply on Dec 8, 2017 by Sascha Preibisch

Requirement : Generate auth token(grant_type=password) after registration within gateway(DMZ)


Step-1 : Client call guest token service: To get guest(scope) token [grant_type=client_credentials(/auth/oauth/v2/token)]
Step-2 : Client call registration service to register user
Step-3 : Gateway(DMZ) update/remove guest token and invoke auth(scope) service (grant_type=password) for registration service

 

Planning for below approach, is there any best approach/practice?

 

Approach:
1. Route to auth service (grant_type=password) after user registration with grant_type and resource_owner
2. Delete guest token from otk_db

 

 

[grant_type=client_credentials(/auth/oauth/v2/token)]
{
"resource_owner": "Token 2.0",
"client_key": "1098567432",
"expiration": "1515084452",
"jsessionid": "LNAlWOtodjnXFSWkrJT2KIZ6zeT1oe",
"scope": "guest",
"grant_type": "client_credentials"
}

[grant_type=password(/auth/oauth/v2/token)]
{
"resource_owner": "layer7@test.com",
"client_key": "1098567432",
"expiration": "1515085168",
"jsessionid": "GJslY1d00B8dbqRV7yYoIjqt",
"scope": "auth",
"grant_type": "password"
}

Outcomes