-
Notifications
You must be signed in to change notification settings - Fork 3
Service: OAuth2 Authorization Code
** WARNING: This service has been updated to use HTTP GET method. HTTP POST method has been deprecated and is only supported for a short period of time.
redirects the user-agent to the client redirect URI with an authorization code. The authorization code should be exchanged with an access token at the token endpoint.
Kalamar as the web user interface of KorAP provides the authorization endpoint and a user authentication interface. This service requires user authentication token in the Authorization header of the request sent by Kalamar.
Available in: full version
Method: GET (POST is deprecated and discouraged)
Service URL: root/oauth2/authorize
Header Parameters
| Name | Required | Description | Value |
|---|---|---|---|
| Authorization | yes | HTTP authentication with scheme: Bearer | OAuth2 access token |
Query parameters
| Name | Required | Description | Type | Example |
|---|---|---|---|---|
| response_type | yes | The requested type of response. Only code is supported. | String | code |
| client_id | yes | The client identifier obtained on client registration. | String | |
| redirect_uri | no, if it has been registered | The callback URI where the authorization code will be sent. It must be identical to the redirect URI registered on client registration. The URI must be encoded by using URL / Percent encoding. | String | |
| scope | yes | The requested authorization scopes separated by space. | String | search match_info |
| state | no, recommended | Any string value encoded in Base64 used to store specific data and/or prevent Cross-Site Request Forgery (CSRF) attacks. It will be returned unmodified and should be verified at the client side. | String |
Request
curl --verbose
-H 'Content-Type: application/x-www-form-urlencoded'
-H 'Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ='
'http://localhost:8089/api/oauth2/authorize?response_type=code
&client_id=fCBbQkA2YzIxYmY1Ng==&redirect_uri=http%3A%2F%2Fexample.client.com%2Fredirect
&scope=search&state=8lv2i7stdgp5u1'
Response
< HTTP/1.1 307 Temporary Redirect
< Date: Wed, 04 Jul 2018 14:52:05 GMT
< Location: http://example.client.com/redirect?code=e9f492cce19f78f4ccfa1bd309760250
&scope=search&state=8lv2i7stdgp5u1
< Content-Type: application/json;charset=utf-8
< Content-Length: 0
< Server: Jetty(9.4.8.v20171121)
Hardt, D., Ed., The OAuth 2.0 Authorization Framework, RFC 6749, October 2012. [Online]. Available: https://tools.ietf.org/html/rfc6749
Parecki, Aaron. OAuth 2.0 Servers. [Online]. Available: https://www.oauth.com/
- OAuth2 client registration
- OAuth2 client info
- OAuth2 client deregistration
- OAuth2 client secret reset
- Plugin registration
- Plugin list (Marketplace)
- Plugin installation
- Plugin uninstallation
- Installed plugin list
- User group creation
- User group deletion
- User group list
- Member invitation
- Member deletion
- Approval of member invitation
- Rejection of member invitation
- Member role management
- Virtual corpus creation and update
- Virtual corpus deletion
- Virtual corpus list
- Virtual corpus retrieval
- Virtual corpus statistics
- Virtual corpus statistics with KoralQuery