-
Notifications
You must be signed in to change notification settings - Fork 2
Authentication
Francis Luong edited this page Feb 1, 2019
·
3 revisions
This module uses the JAX-RS Liferay extension and thus, it uses the OAuth2 modules to manage the authentication/authorization layer.
It is important to configure the endpoint:
- Go to the
OAuth2 Administrationin theControl Panel - Create a new OAuth2 application
- Give it the name you want
- After validating the creation of the application, it should get a generated client and secret ids.
- Edit the created application
- Ensure that in the
Allowed Authorization Typessection, the optionClient Credentialsis checked - In the
Scopestab, in theGraphQL.Restsection, check the optionsmake HTTP GET requestsandmake HTTP POST requests.
To retrieve an access token, you can execute the following HTTP request on Liferay server: POST /o/oauth2/token
- Headers:
- Content-Type: application/x-www-form-urlencoded
- Accept: application/json
- Authorization: Basic <Base64("client id":"secret")>
- Body:
- grant_type=client_credentials
Example response:
{
"access_token": "76521931259bf7251be0dc7535c0639db12e9e5bbedbfbd19e85dbf7159d10",
"token_type": "Bearer",
"expires_in": 600,
"scope": "GET POST"
}With this response, you will have access to the different endpoints described above. You will need to add the following header: Authorization: Bearer <access token>.