New post
Question
· Nov 29, 2023

OAuth 2 implementation for communication between a service and IRIS

#OAuth2 #InterSystems IRIS

Hello,

I have created a service in Node.js which interacts with IRIS using APIs. The current implementation uses basic auth. I want to implement OAuth 2, to make the communication between the node.js service and IRIS secure. I want my service to act as client and IRIS as Authorization and Resource server. I don't know how to do that. Anyone who has implemented OAuth using IRIS can you help me out or point me in the right direction on about how to implement it? 

Thank you for your help :)

Discussion (6)3
Log in or sign up to continue
Amy Lin · Dec 4, 2023

To set up IRIS as an authorization server, you will need to set up the necessary configurations in System Administration>Security>OAuth2.0>Server Configurations. Many of these will depend on how you want your application to be interacting with the authorization server. There are also a few classes in %OAuth2.Server.* that you can overwrite to customize the authentication or validation process. For example, setting it so only certain users can request tokens. 

To set up IRIS as a resource server, you will want to set up IRIS as a OAuth2.0 Client and specify the type as "Resource Server". You'll need to make sure that validate the access token. 

More information can be found in documentation under "Identity and Access Management" 

2 0