Presentation is loading. Please wait.

Presentation is loading. Please wait.

WStore Programmer Guide

Published byDerrick Mitchell Modified over 5 years ago

Similar presentations

Presentation on theme: "WStore Programmer Guide"— Presentation transcript:

1 WStore Programmer Guide
API Authentication and authorization

2 Agenda Introduction API Authentication and authorization

3 WStore Programmer Guide
introduction

4 Introduction The programmer guide contains a description of the actions that can be performed by a developer, in order to integrate WStore capabilities with her solution using WStore API. 

5 Api authentication and authorization
WStore Programmer Guide Api authentication and authorization

6 API Athentication and authorization
WStore API requires users to be authenticated and requires them to authorize developer’s application in order to access WStore API in their name. To perform this process WStore uses an OAuth2 approach. Depending on the authorization mode of the WStore instance there are two possible ways for API authorization. If the WStore instance is using an idM GE, the developer application should include a valid token obtained from the idM in all the related requests.

7 API Athentication and authorization
In case the WStore instance uses it own authentication mechanism the developer should follow the following process. The first step consist on user authentication and application authorization. Note that the application should be registered in WStore in order to have aclient_id and a client_secret. To perform this step is necessary to make the following request: GET /oauth2/auth HTTP/1.1 Accept: application/json This request must include the following params. client_id: Id of the application in WStore redirect_uri: URI where WStore redirects when the call finishes response_type

8 API Athentication and authorization
When this request is performed the user is redirected to a page where the user can log in and authorize the application

9 API Athentication and authorization
Once the user has authorized the application, an authorization code is returned to the redirect_uri provided. The next step is to acquire the access token. To perform this step, it is necessary to make the following request: POST /oauth2/token HTTP/1.1 This request must include the following params: client_id: Id of the application in WStore client_secret: Secret of the application in WStore grant_type code: Authorization code provided in the previous step redirect_uri: URI where WStore redirects when the call finishes

10 API Athentication and authorization
WStore responds to this request providing an access and a refresh token. The access token must be included as a header in all API requests, and the refresh token is used to acquire a new access token in case it expires. To refresh the access token is necessary to make the following request: POST /oauth2/token HTTP/1.1 This request must include the following params: client_id: Id of the application in WStore client_secret: Secret of the application in WStore grant_type refresh_token: refresh token provided in the previous step

11

Download ppt "WStore Programmer Guide"

Similar presentations

The How of OAuth OAuth Hackathon – Six Apart

The How of OAuth OAuth Hackathon – Six Apart
22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.

22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.
FI-WARE Testbed Access Control temporary solution.

FI-WARE Testbed Access Control temporary solution.
OAuth 2.0 By “PJ” (JP on meetup.com) iOS and PHP developer, and occasional lawyer Contact me via:

OAuth 2.0 By “PJ” (JP on meetup.com) iOS and PHP developer, and occasional lawyer Contact me via:
Prabath Siriwardena | Johann Nallathamby.

Prabath Siriwardena | Johann Nallathamby.
The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems San-Tsai Sun and Konstantin Beznosov University of British Columbia.

The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems San-Tsai Sun and Konstantin Beznosov University of British Columbia.
The Alfresco API Steven Glover Gethin James Peter Monks.

The Alfresco API Steven Glover Gethin James Peter Monks.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
User signs in to WindowsUser is signed in to your app 12.

User signs in to WindowsUser is signed in to your app 12.
SPC204 Security Problems in SharePoint 2010 Authentication and Authorization.

SPC204 Security Problems in SharePoint 2010 Authentication and Authorization.
Today, global enterprises run on Windows Server Active Directory 90% of US enterprises and 70% of international corporations use Active Directory.

Today, global enterprises run on Windows Server Active Directory 90% of US enterprises and 70% of international corporations use Active Directory.
What Is New and Noteworthy in Jersey Miroslav Fuksa, Jakub Podlešák Software Developers Oracle, Application Server Group October 1, 2014 Copyright ©

What Is New and Noteworthy in Jersey Miroslav Fuksa, Jakub Podlešák Software Developers Oracle, Application Server Group October 1, 2014 Copyright ©
SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21, 2014 1.

SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21,
2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.

2-levels Access control for HTTP binding Group Name: WG4 (& WG2/WG3 for information) Source: Shingo Fujimoto, FUJITSU, Meeting.
HTRC API Overview Yiming Sun. HTRC Architecture Data API Portal access Direct programmatic access (by programs running on HTRC machines) Security (OAuth2)

HTRC API Overview Yiming Sun. HTRC Architecture Data API Portal access Direct programmatic access (by programs running on HTRC machines) Security (OAuth2)
Office 365 Platform Flexible Tools Each Office 365 Workload API required different Authentication.

Office 365 Platform Flexible Tools Each Office 365 Workload API required different Authentication.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Otomo End User SSO - TOI March 2014 Otomo 10.5 – End User SSO Support.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Otomo End User SSO - TOI March 2014 Otomo 10.5 – End User SSO Support.
Today, global enterprises run on Windows Server Active Directory 90% of US enterprises and 70% of international corporations use Active Directory.

Today, global enterprises run on Windows Server Active Directory 90% of US enterprises and 70% of international corporations use Active Directory.
Introduction to the SharePoint 2013 REST API. 2 About Me SharePoint Solutions Architect at Sparkhound in Baton Rouge

Introduction to the SharePoint 2013 REST API. 2 About Me SharePoint Solutions Architect at Sparkhound in Baton Rouge
WStore User Guide Admin. Agenda 1.Introduction 2.Registering Wstore on a Marketplace 3.Registering a Repository on a WStore 4.Registering a RSS on WStore.

WStore User Guide Admin. Agenda 1.Introduction 2.Registering Wstore on a Marketplace 3.Registering a Repository on a WStore 4.Registering a RSS on WStore.

Similar presentations

Ads by Google