Closed. This question needs to be more focused. It is not currently accepting answers. Want to improve this question? Update the question so it focuses on one problem only by editing this post. Closed 5 years ago. Improve this question I want to build a RESTful web service using ASP.NET Web API that third-party developers … Read more
Basically what i want to do is: Use WordPress as a login system and data storage for web-application on another domain. Make users able to register and perform REST calls from the application. Let users manage their accounts and post contents without using wp-admin at all. For REST Api i found a really nice plugin: … Read more
I have a new SPA with a stateless authentication model using JWT. I am often asked to refer OAuth for authentication flows like asking me to send ‘Bearer tokens’ for every request instead of a simple token header but I do think that OAuth is a lot more complex than a simple JWT based authentication. … Read more
In very simple terms, can someone explain the difference between OAuth 2 and OAuth 1? Is OAuth 1 obsolete now? Should we be implementing OAuth 2? I don’t see many implementations of OAuth 2; most are still using OAuth 1, which makes me doubt OAuth 2 is ready to use. Is it? 10 s 10 … Read more
I have an HttpClient that I am using for a REST API. However I am having trouble setting up the Authorization header. I need to set the header to the token I received from doing my OAuth request. I saw some code for .NET that suggests the following, httpClient.DefaultRequestHeaders.Authorization = new Credential(OAuth.token); However the Credential … Read more
Section 4.2 of the draft OAuth 2.0 protocol indicates that an authorization server can return both an access_token (which is used to authenticate oneself with a resource) as well as a refresh_token, which is used purely to create a new access_token: https://www.rfc-editor.org/rfc/rfc6749#section-4.2 Why have both? Why not just make the access_token last as long as … Read more
I am trying to set up WordPress as an OAuth2 client. All of our users are stored in our proprietary CMS which is an OAuth provider. We have very little (to no) users in our WordPress database, primarily just administrators. Ideally, I do not want to store user data in the WordPress database because I … Read more
I’m really trying to understand the difference between OpenID and OAuth? Maybe they’re two totally separate things? 2Best Answer 21 OpenID is about authentication (ie. proving who you are), OAuth is about authorisation (ie. to grant access to functionality/data/etc.. without having to deal with the original authentication). OAuth could be used in external partner sites … Read more
