# If a sentry Data Source Name is configured
SENTRY_DSN=https://<key>@<organization>.ingest.sentry.io/<project>
# A shared secret for encrypting cookies
SECRET_KEY_BASE=84b04ea4259542f365
# JWT Private key
JWT_SECRET=Base64 Encoded RSA PRIVATE KEY
# Database name and host
RETHINKDB_DB=place_development
RETHINKDB_HOST=rethink
RETHINKDB_PORT=
RETHINKDB_USER=
RETHINKDB_PASSWORD=
# Rails environment to load
RAILS_ENV=production
# Disable forced SSL
COAUTH_NO_SSL=true
# Serving static files (true if set to anything)
RAILS_SERVE_STATIC_FILES=Use the Client Credentials flow
- POST /auth/oauth/token
with body:
{
"grant_type" : "password",
"username" : "user@example.com",
"password" : "sekret"
}This will return
{
"access_token": "19adad999683f5b450c460726aa",
"token_type": "bearer",
"expires_in": 7200
}- Login
- POST
/auth/signin(or SSO login)
- POST
- Request code with PKCE
- GET
/auth/oauth/authorize?response_type=code&client_id=THE_ID&redirect_uri=THE_URL&scope=public&code_challenge=43_CHAR_CHALLENGE_CODE&code_challenge_method=S256 - returns a 303 redirect with location that includes:
?code=RETURNED_CODE
- GET
- Obtain token
- POST
/auth/oauth/token?client_id=THE_ID&client_secret=THE_SECRET&code=RETURNED_CODE&grant_type=authorization_code&redirect_uri=THE_URL&code_verifier=SHA256(43_CHAR_CHALLENGE_CODE)
- POST
This will return
{
"access_token": "de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54",
"token_type": "Bearer",
"expires_in": 7200,
"refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
}POST /auth/oauth/revoke?client_id=<client_id>&client_secret=<secret>
token=<refresh-token>