Sean Kelly Posted August 23, 2018 Posted August 23, 2018 Hello! I'm attempting to set up an Invision Power Board forum as an OAuth2 Authentication Server and have a few inquiries. When defining scope for an OAuth2 parse against the 4.3+ API, how are the parameters defined? E.g. in the following url; https://www.<ipbsuite>/oauth/authorize?response_type=code&client_id=<client_id>&scope=/core/me&state=<randomlygeneratedstring>&redirect_uri=http://localhost:8080/login/oauth2/code/ips4 scope is set = to /core/me (for identification purposes), however this URL in practice returns a 403 (redirect URI is correct for testing purposes and the secret key is being passed as part of the body). I've seen no explicit definition saying "Hey, this is what the scope is exactly" but I've seen things varying between GET /core/me and /core/me, so I'm confused at what is the proper way. If there is another thread already answering this I apologize, I did a short search and didn't find anything.
bfarber Posted August 24, 2018 Posted August 24, 2018 If you are requesting any scopes, the only two defined by default are "profile" and "email", although you can add custom ones. You control which scopes can be requested as well as which API endpoints an authenticated user can access when setting up the OAuth client under System > REST & OAuth in the AdminCP.
Sean Kelly Posted August 27, 2018 Author Posted August 27, 2018 On 8/24/2018 at 10:30 AM, bfarber said: If you are requesting any scopes, the only two defined by default are "profile" and "email", although you can add custom ones. You control which scopes can be requested as well as which API endpoints an authenticated user can access when setting up the OAuth client under System > REST & OAuth in the AdminCP. Thank you very much! This is exactly what I needed
Recommended Posts
Archived
This topic is now archived and is closed to further replies.