You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@fineract.apache.org by Rama Reddy <re...@yahoo.com.INVALID> on 2019/09/26 16:08:28 UTC
How OAuth2 works in Fineract 1.x
Folks,I just joined community forum and trying to understand how Basic Auth,OAuth2 and 2 Factor Authentication has been implemented in Fineract 1.x.Would appreciate if you can share some documentation around this ??Few questions1. Does Fineract has IDP( Identity provider ) components who can maintain access token , issues refresh token, entitlements etc ??2. Is it necessary for user to have Basic Auth setup( uid&pwd) to get Oauth token ??Assume I have client application which manages it's own identity access & customer setup , but users of this App need to have access to Fineract APIs.. how does current Fineract OAuth2 solution would support my use case ?? If not,please share how to customize it further.
Regards Ram
Sent from Yahoo Mail on Android
Re: How OAuth2 works in Fineract 1.x
Posted by Rama Reddy <re...@yahoo.com.INVALID>.
Thanks Ed for quick response.
Regards Ram
Sent from Yahoo Mail on Android
On Fri, 27 Sep 2019 at 6:57, Ed Cable<ed...@mifos.org> wrote: Hello Rama,
Welcome to the community!
Here is some of the documentation on 2FA: https://mifosforge.jira.com/wiki/spaces/projects/pages/185277689/GSoC+2017+-+Two-Factor+Authentication
Here's also a thread where some of the configuration/activation of 2FA is discussed:
https://markmail.org/thread/4anr234ivgieamiy
I will let others respond to your two questions but the link i shared on another thread about the API Gateway introduces how the identity server as part of WSO2 can be used for identity management for third parties accessing data in the system via APIs exposed via the API Gateway.
You can also reference: https://docs.google.com/document/d/1F7Wz5TaHfZ0quS-qjrUJleXWYwtRfMXdnZy3MdC50ws
Ed
On Thu, Sep 26, 2019 at 9:08 AM Rama Reddy <re...@yahoo.com.invalid> wrote:
Folks,I just joined community forum and trying to understand how Basic Auth,OAuth2 and 2 Factor Authentication has been implemented in Fineract 1.x.Would appreciate if you can share some documentation around this ??Few questions1. Does Fineract has IDP( Identity provider ) components who can maintain access token , issues refresh token, entitlements etc ??2. Is it necessary for user to have Basic Auth setup( uid&pwd) to get Oauth token ??Assume I have client application which manages it's own identity access & customer setup , but users of this App need to have access to Fineract APIs.. how does current Fineract OAuth2 solution would support my use case ?? If not,please share how to customize it further.
Regards Ram
Sent from Yahoo Mail on Android
--
Ed CablePresident/CEO, Mifos Initiativeedcable@mifos.org | Skype: edcable | Mobile: +1.484.477.8649
Collectively Creating a World of 3 Billion Maries | http://mifos.org
Re: How OAuth2 works in Fineract 1.x
Posted by Ed Cable <ed...@mifos.org>.
Hello Rama,
Welcome to the community!
Here is some of the documentation on 2FA:
https://mifosforge.jira.com/wiki/spaces/projects/pages/185277689/GSoC+2017+-+Two-Factor+Authentication
Here's also a thread where some of the configuration/activation of 2FA is
discussed:
https://markmail.org/thread/4anr234ivgieamiy
I will let others respond to your two questions but the link i shared on
another thread about the API Gateway introduces how the identity server as
part of WSO2 can be used for identity management for third parties
accessing data in the system via APIs exposed via the API Gateway.
You can also reference:
https://docs.google.com/document/d/1F7Wz5TaHfZ0quS-qjrUJleXWYwtRfMXdnZy3MdC50ws
Ed
On Thu, Sep 26, 2019 at 9:08 AM Rama Reddy <re...@yahoo.com.invalid>
wrote:
> Folks,
> I just joined community forum and trying to understand how Basic
> Auth,OAuth2 and 2 Factor Authentication has been implemented in Fineract
> 1.x.
> Would appreciate if you can share some documentation around this ??
> Few questions
> 1. Does Fineract has IDP( Identity provider ) components who can maintain
> access token , issues refresh token, entitlements etc ??
> 2. Is it necessary for user to have Basic Auth setup( uid&pwd) to get
> Oauth token ??
> Assume I have client application which manages it's own identity access &
> customer setup , but users of this App need to have access to Fineract
> APIs.. how does current Fineract OAuth2 solution would support my use case
> ?? If not,please share how to customize it further.
>
> Regards
> Ram
>
> Sent from Yahoo Mail on Android
> <https://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature>
>
--
*Ed Cable*
President/CEO, Mifos Initiative
edcable@mifos.org | Skype: edcable | Mobile: +1.484.477.8649
*Collectively Creating a World of 3 Billion Maries | *http://mifos.org
<http://facebook.com/mifos> <http://www.twitter.com/mifos>