I created a public App for Amazon SP-API.
While updating the App, there were 2 mandatory fields. OAuth Login URI and OAuth Redirect URI. My concern is about the OAuth Login URI. I am not able to save with updating just the OAuth Redirect URI.
I would want to implement the Amazon SP-API Oauth2 only after the user has logged into my website.
When I save the application after filling the two fields, this is what is happening.
User Logs into Amazon.
Authorized the App.
He is shown a list of items the App requests access to.
There is a button at the bottom sign/up Login to App
Once user clicks on the button, it goes to the OAuth Login URI
My application has to do the additional step of routing to amazon_callback_uri.
While the below URL talks about the flow going to the OAuth Redirect URI.
https://developer-docs.amazon.com/amazon-business/docs/website-authorization-workflow
Can you please help me avoid this redirecting to the Login URI and rather redirect to OAuth Redirect URI?
Related
I'm trying to authenticate users of my streamlit app using OAuth 2 as described in this post (article repo here if you can't access post). That implementation provides users a link to click that initiates the OAuth flow and records the access token within the streamlit session. However, if the user refreshes the page the session is lost and the user needs to click a link again to go through the OAuth flow again.
I'm wondering if there's a way to handle the OAuth flow in a way that's more transparent to the user. Is there any way to kick off authentication without user interaction (eg. issue a redirect to the auth URL if the session doesn't have a valid token) within Streamlit?
I am developing a REST API with Spring Boot. I have implemented OAuth2 authorization server, so I am able to call my rest API to get a token:
localhost:8080/oauth/token -d "grant_type=password&scope=write&username=myuser&password=mypassword" -u myclient:mysecret
Now I want to implement "Sign up with FB" functionality, so I am thinking about the following flow:
User clicks on the "Sign up with FB" button.
Mobile app app makes a call to FB and gets an Access Token from FB
Mobile app sends this access token to the backend
Backend creates a new user entity and sends back a new access token (together with refresh token) issued by authorization server.
But I am not sure how to implement the step 4. I tried to find an example on internet, but didn't have any luck. Does anybody have an idea how to implement it?
Here is my OAuth2 implementation: https://gist.github.com/osgafarov/8530464d25895512862a3d1f6013170e
Many thanks!
I understood that you need to signup using fb. but its not suggestible that using the credentials flow, instead that you can use the Implicit Flow.
When user clicks on SignUp using FB Button mobile app Should open embedded browser (SFSafariViewController) and it will open the authorize end point.
when user clicks on approve or Okay the Browser redirects backs(Implicit flow) and closes the Browser View. here you will get the accesstoken in the URI.
Post that AccessToken to your Backend and Obtain the User Information from Facebook from that accesstoken.
Then insert that data into UrDB(in Backend) and return the response to ur client App.
https://5ecfdd32d0a3264463ba-8110a1171af36b468f9bd61da395ee26.ssl.cf2.rackcdn.com/blog/Screen%20Shot%202015-06-22%20at%206.42.07%20PM.png
I've a Login with salesforce functionality enabled in my application. When I generate a login oauth url which consists of app secret and ket and after sending a get request using browser It redirects me to a previously used cache instance url.
It should redirect to https://login.salesforce.com/?ec=302&startURL=%2{someurl}
but instead it's redirecting to https://myinstance.salesforce.com/?ec=302&startURL=%2{someurl} although I'm logged out of salesforce and this url only accepts my login credentials which are linked with my instance where as login.salesforce.com accepts anyone's login credentials.
if I use incognito window it works fine and I've even tested the oauth url using postman the response is a html file which has javascript function which redirects to login.salesforce.com/?ec=302&startURL=%2{someurl}
Is there anyway I can solve this issue or force my oauth url to redirect to login.salesforce instead of cached url.
I'm building an app that requires users to authenticate with Salesforce. However, the problem I'm encountering occurs when Okta (SSO) steps in to authenticate the user automatically. The user is authenticated and redirected to the Salesforce home page, rather than the OAuth callback redirect as configured in the connected app (and passed as query param).
This is happening between steps 3 and 4 on this diagram:
Question: Is there a way I can prevent Okta from automatically authenticating a user on a page?
Just wanted to circle back and post my answer. It was simply the authorization server url. Instead of directing a user to a specific Salesforce instance (i.e., "na17.salesforce.com"), use the Salesforce auth server (i.e., "login.salesforce.com"). This keeps Okta from identifying the specific subdomain and trying to authenticate.
Im making an app and Im integrating Facebook's login. On the app page in the settings its asking for a valid oauth redirect uri.
My url scheme is fb followed by the numbers e.g. fb123456798 .
How do I make an uri based off that ? I need the uri so my app gets called back after user authentication.
Thanks !