OAuth 2.0 - Client Credentials Flow + Permissions
Whenever a new OAuth Client is created in OTDS, assuming the global option is selected, are there any restictions to the data that can be requested through the REST API? Calls to the nodes resource are not returning expected data.
Answers
-
Hello, @MikDev
The behavior depends on how you configure your OAuth 2.0 client and the associated resource (API).
Here are some key points to consider:
Resource Configuration:
You need to create an OTDS Resource that represents your service or OAuth 2.0 resource (e.g., your RESTful API).
Configure the resource with the appropriate access roles and permissions.
Access Roles:
Assign users (including your OAuth 2.0 client) to the access roles associated with the resource.
These roles determine what data the client can access.
OAuth 2.0 Scopes:
Define OAuth 2.0 scopes for your resource. Scopes control the level of access granted to the client.
When requesting an access token, the client specifies the desired scope(s).
Testing and Debugging:
Ensure that your OAuth 2.0 client is correctly configured to request the necessary scopes.
Test the client’s authorization flow and verify that it receives the expected access token.I hope this info is helpful to you.
Best Regard,
Gregory Chavez0 -
Hello, @MikDev
Can you tell me my suggestion is helpful or not, If it's work please select as solution.
Best Regard,
Gregory Chavez0
Categories
- All Categories
- 118 Developer Announcements
- 52 Articles
- 149 General Questions
- 138 Services
- 56 OpenText Hackathon
- 35 Developer Tools
- 20.6K Analytics
- 4.2K AppWorks
- 9K Extended ECM
- 914 Cloud Fax and Notifications
- 82 Digital Asset Management
- 9.3K Documentum
- 30 eDOCS
- 175 Exstream
- 39.8K TeamSite
- 1.7K Web Experience Management
- 7 XM Fax