· Nov 29, 2023

OAuth 2 implementation for communication between a service and IRIS


I have created a service in Node.js which interacts with IRIS using APIs. The current implementation uses basic auth. I want to implement OAuth 2, to make the communication between the node.js service and IRIS secure. I want my service to act as client and IRIS as Authorization and Resource server. I don't know how to do that. Anyone who has implemented OAuth using IRIS can you help me out or point me in the right direction on about how to implement it? 

Thank you for your help :)

Discussion (6)3
Log in or sign up to continue

To set up IRIS as an authorization server, you will need to set up the necessary configurations in System Administration>Security>OAuth2.0>Server Configurations. Many of these will depend on how you want your application to be interacting with the authorization server. There are also a few classes in %OAuth2.Server.* that you can overwrite to customize the authentication or validation process. For example, setting it so only certain users can request tokens. 

To set up IRIS as a resource server, you will want to set up IRIS as a OAuth2.0 Client and specify the type as "Resource Server". You'll need to make sure that validate the access token. 

More information can be found in documentation under "Identity and Access Management"