Try Request Path Authentication¶
This section demonstrates the use of the basic auth request path authenticator and the OAuth request path authenticator with the WSO2 playground sample. Follow the instructions below to try out this scenario (Steps 1-6 are common for both authenticators). See Request Path Authentication for more information.
Before you begin
You must first
set up the
playground sample webapp.
in order to try the following scenario.
Now you have deployed and registered the
travelocity.comwebapp. Let's edit the same service provider to configure request path authentication.
Expand the Local & Outbound Authentication Configuration section and then the Request Path Authentication Configuration section.
- Select the relevant authenticator for request path authentication
from the drop-down and click Add.
- Select basic-auth for the basic auth request path authenticator.
- Select oauth-bearer from the drop-down for the OAuth request
- Click Update to save changes to the service provider.
Now you can use Playground application to test the configured request path authenticator. Visit the URL http://wso2is.local:8080/playground2/oauth2.jsp.
Fill in the details on the screen that appears according to the local authenticator you selected for request path authentication. Identity Server will not prompt the login page since it can authenticate the user from the information available in the request.
- Authorization Grant Type: Authorization Code or Implicit
- Client ID: (the client id received at the application registration)
Access Token Endpoint :
The sectoken in the Authorize Endpoint will be the
username:passwordin Base64 encoded format. You can use a Base64 encoder to encode this. For instance, the username and password admin:admin, is "
- Authorization Grant Type: Resource Owner (password grant)
- Client ID: (the client id received at the the application registration)
- Client Secret: (client secret received at the application registration)
- Resource Owner User Name: (username)
- Resource Owner Password: (password of the user)
Access Token Endpoint:
Once you receive the access token, you can use the following Access Token Endpoint :