I need to make some Jira REST calls in my web API application. But I have encountered difficulties around creating authentication using Oauth 2.0 according to documentation below:
https://developer.atlassian.com/cloud/jira/service-desk/oauth-2-authorization-code-grants-3lo-for-apps/
I need help on how I can call the step 1 of the above documentation in postman and subsequently, in my code to obtain the authorization code without going through a browser to paste this link below, as I am working with a backend web API application.
https://auth.atlassian.com/authorize? audience=api.atlassian.com& client_id=YOUR_CLIENT_ID& scope=REQUESTED_SCOPE_ONE%20REQUESTED_SCOPE_TWO& redirect_uri=https://YOUR_APP_CALLBACK_URL& state=YOUR_USER_BOUND_VALUE& response_type=code& prompt=consent
I hope to get suggestions as this has been a blocker for me for days. Thanks.
Related
I will need to pass in an oauth token to a library in order to POST some information in a remote system.
For debugging purposes, I have created a basic app as per the Azure AD and OpenID Connect tutorial
At this point I am stumped. The documentation is somewhat opaque to a newbie and I have been unable to find relevant examples here and elsewhere.
Have a look at one of the samples here. You need to look for a Core app that calls another API (even Graph - it is also an API), e.g.: this one.
I have been reading today about the auth implemented in asp.net core for google and facebook, and prototype-ed a lot. Something that's not clear to me at all, even after going through the MSDN docs. and several blogs: Is any support for backend API validation added in .net core or do I still need to call into the google auth library to validate the auth tokens received from the client.
Note: I am using asp.net core as Web API and I don't use the MVC/Razor part.
thanks for any detail added on this!
I'm trying to set up a simple Web API with ASP.NET Core. I'm working with a custom OAuth set up by the company. The Web API will not support web pages directly. The front end will call it from a separate website using a SPA.
So, I thought I would set up a middle ware component that get the Bearer Token from the API call. I then see if I have that user stored (for 5 minutes - stored in a singleton hopefully that is right too) and if not I send an HTTP request to the authentication server to determine if the user is valid. If they are I get the user information including roles, etc. But then, how do I set the Principal? I've done this in WebAPI 2.*, but haven't seen any tutorials for ASP.NET Core.
This seems like a fairly normal workflow so I don't understand why there aren't many tutorials on the subject. They seemed to be all geared toward when you have a web page - same for WebAPI 2.*.
Any help is much appreciated. If someone can just point me in the right direction that would be great!
I am using mvc 4 web api project template. i have USERMASTER table which contains usename and password for different users.
Now i dont know what authentication is for web api????
how to stop invalid users to access it? ?
Let's say i m using fiddler to call web api. at that moment how can i stop invalid user.( i mean using tool like fiddler we can call web api. so i can stop invalid call not made by the valid user)
Moreover, i wish that user A can access only 5 web apis and user B can access all web apis from my project.
Is it possible???
i know how to use web api.
but i dont know about authentication and authorization process.
please help me.
I m using angularjs to call web apis.
Yes all this is possible but you need to use ASP.NET Web API 2 (.NET framework 4.5) you can find detailed source code and blog posts starting here including AngularJS Authentication using Web API, it should makes things clearer for you.
I'm working on segregating the authentication part of my ASP.net MVC4 application using DotNetOAuth 2.0, Which will means that one project will do only authentication and send out response,based on response it will have access to other application.
The Idea is to get any application or project added later on use one common authentication process.
First thing came to my mind was building a service, in the process a read a lot about Web API and think it can help to achieve what I'm looking for.
Please suggest if you guys have implemented something like this or whats's the best practice.
Should i go with API or service, any link or sample to direct is appreciated
ASP.NET Web API is also a service - a RESTful service. The choice of using a "Service" although is good your underlying authentication platform will define what you should be using.
WCF is much more than a web service where as a Web API is pure HTTP service.
If you expect all your "applications" to be web based then there is no reason why this cannot be a Web API.
This article might be something that should help you decide on your authentication model: http://www.asp.net/web-api/overview/security/external-authentication-services