OAuth 2.0 - Client Credentials Flow + Permissions
Whenever a new OAuth Client is created in OTDS, assuming the global option is selected, are there any restictions to the data that can be requested through the REST API? Calls to the nodes resource are not returning expected data.
Answers
-
Hello, @MikDev
The behavior depends on how you configure your OAuth 2.0 client and the associated resource (API).
Here are some key points to consider:
Resource Configuration:
You need to create an OTDS Resource that represents your service or OAuth 2.0 resource (e.g., your RESTful API).
Configure the resource with the appropriate access roles and permissions.
Access Roles:
Assign users (including your OAuth 2.0 client) to the access roles associated with the resource.
These roles determine what data the client can access.
OAuth 2.0 Scopes:
Define OAuth 2.0 scopes for your resource. Scopes control the level of access granted to the client.
When requesting an access token, the client specifies the desired scope(s).
Testing and Debugging:
Ensure that your OAuth 2.0 client is correctly configured to request the necessary scopes.
Test the client’s authorization flow and verify that it receives the expected access token.I hope this info is helpful to you.
Best Regard,
Gregory Chavez0 -
Hello, @MikDev
Can you tell me my suggestion is helpful or not, If it's work please select as solution.
Best Regard,
Gregory Chavez0
Categories
- All Categories
- 123 Developer Announcements
- 54 Articles
- 150 General Questions
- 148 Thrust Services
- 57 OpenText Hackathon
- 37 Developer Tools
- 20.6K Analytics
- 4.2K AppWorks
- 9K Extended ECM
- 918 Core Messaging
- 84 Digital Asset Management
- 9.4K Documentum
- 32 eDOCS
- 186 Exstream
- 39.8K TeamSite
- 1.7K Web Experience Management
- 8 XM Fax
- Follow Categories