Jump to content
Lars Fosdal

Indy https server - OAUTH2 implementation?

Recommended Posts

Does anyone know of any Indy OAUTH2 server side implementations?

I.e. Where an external service can use OAUTH2 authentication to achieve connection rights to an API implemented with the Indy http server component?

Share this post


Link to post
2 hours ago, Lars Fosdal said:

Does anyone know of any Indy OAUTH2 server side implementations?

I.e. Where an external service can use OAUTH2 authentication to achieve connection rights to an API implemented with the Indy http server component?

 

Share this post


Link to post

That appears to be the other way around.  The server accesses Google APIs with OAuth2 - while I want to require the use of OAuth2 authentication for a third party to access my APIs served through an Indy HTTP server.

Share this post


Link to post

Not really look at the server OAuth2 implementations, but isn't it usually a separate REST server than handles authentication, returning a bearer token which is passed to the API server, which presumably then checks back locally with the authentication server to validate it?

 

Often the authentication server is run by a separate company, like Okta. Started looking at Okta once, but the level of emails and calls I got put me off.  

 

Angus

 

Share this post


Link to post

I borrowed this image from Felix Colibri's OAuth2 tutorial, which also is written from a client perspective.

True. The authentication can/should be a third party Authentication server.  


I would like to learn how to integrate with such a service from my http server, so that client needs to use OAuth2 to get access to my APIs.
 

image.thumb.png.d99644f5dea1c4ae1d6fe9e260b692e8.png

Share this post


Link to post

That diagram suggests the cloud service is running both authentication and API services, really need a version where they are separate. 

 

It should not be that difficult to design an authentication REST server using ICS or Indy, clearly it would need a database behind it which takes it beyond the type of samples ICS offers,  and into end user application territory.   It would also need a protocol between the authentication and API servers, not sure if there is a standard for that, guess that is Okta's market. 

 

Angus

 

Edited by Angus Robertson

Share this post


Link to post

@Mocte Sandoval I got feedback from Sergio at esegece - unfortunately, their implementation relies on their own auth server, and doesn't support f.x. Azure AD OAuth from the server side.

Sergio was kind enough to describe the required activities, so now I at least have a starting point.

 

@Angus Robertson I don't need an OAuth server - I need an OAuth integration as seen from my own http server.

 

 

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×