https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318217#M5218 <P>Even if I recommend you to use something easier to handle HTTP request; like jersey-client, to query our REST API, you just need to</P> Fri, 25 Sep 2015 15:01:29 GMT Arnaud_Kervern 2015-09-25T15:01:29Z https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318214#M5215 <P>Hi, I'm using REST API within a Web Java App to get query results which works great but the next step is to authenticate without having to use user's passwords.</P> <P>Is using OAuth2 to authenticate, the best way to do it ?</P> <P>I've tried it and so far I can't get the response that will give me the authorization code to get the access token via Java code. When I try with http requests, it's ok but I have to accept (through oauth2Grant.jsp button), but I am missing something with using it with a Java HttpURLConnection...</P> <P>Thanks.</P> Mon, 21 Sep 2015 21:43:22 GMT https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318214#M5215 chouinard_ 2015-09-21T21:43:22Z https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318215#M5216 <P>Hi,</P> <P>I think there are several others solutions that fit better to your case. As you do not want to add any new user authentication step:</P> <UL> <LI><P>if your queries are executed server side on the same host, the easiest way is to use nuxeo-platform-login-portal-sso. A simple query header with a shared secret and the authenticated username.</P> </LI> <LI><P>if your queries are server side without a DMZ, you have to sign the request to ensure it goes safe. In this case i'll recommend you to use Oauth1 2 legged. Take a look to this jersey client filter to see how to handle it: <A href="https://github.com/nuxeo/nuxeo.io-manager/blob/master/nuxeo-io-manager/src/main/java/org/nuxeo/io/connect/OauthAuthFilter.java" target="test_blank">https://github.com/nuxeo/nuxeo.io-manager/blob/master/nuxeo-io-manager/src/main/java/org/nuxeo/io/connect/OauthAuthFilter.java</A>.</P> </LI> <LI><P>if your queries are client &lt;-&gt; server, you can use nuxeo-platform-login-token, when authenticating a user; you'll ask Nuxeo to give you a token that you'll add to each user requests.</P> </LI> </UL> Thu, 24 Sep 2015 11:42:48 GMT https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318215#M5216 Arnaud_Kervern 2015-09-24T11:42:48Z https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318216#M5217 <P>Hi, thanks for the answer.</P> Thu, 24 Sep 2015 16:27:12 GMT https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318216#M5217 chouinard_ 2015-09-24T16:27:12Z https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318217#M5218 <P>Even if I recommend you to use something easier to handle HTTP request; like jersey-client, to query our REST API, you just need to</P> Fri, 25 Sep 2015 15:01:29 GMT https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318217#M5218 Arnaud_Kervern 2015-09-25T15:01:29Z https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318218#M5219 <P>Where can we find some documentation about using nuxeo-platform-login-token from a client application ?</P> Thu, 28 Apr 2016 09:12:53 GMT https://connect.hyland.com/t5/nuxeo-forum/authentication-to-rest-api-with-oauth2/m-p/318218#M5219 pibou_Bouvret 2016-04-28T09:12:53Z