Click here to view our OAuth 2.0 Overview

InterSystems created this video as a high-level overview of OAuth 2.0 technology, geared toward developers looking to learn the basics of OAuth 2.0. It will teach you how OAuth 2.0 works, what roles are involved, what benefits it can provide, and how InterSystems Caché can be used with this technology.

I am in need of a routine or class method to generate an Oauth 1.0 signature. I was about to code this myself, but thought to check first to see if anyone has already done this and is willing to share.

Thanks in advance for any help.

[UPDATE 06/28/2016]

It's almost a year since I have published a series of articles explaining how to configure Cache instance as a client / resource server / authorization server. By that time, the implementation of OAuth 2.0 was still a pre-release software.

I'm trying to implement an OAuth2 server, but I have som issues when trying to setup JWT under OAuth 2.0->Client.

I get the error message saying "No match between server name 'localhost' and SSL certificate values 'cache'". I have set up a SSL/TLS configuration as simple as possible without any certificate files. I'm accessing my server via HTTPS with an unsigned certificate.

Can anyone point me in the right direction on how to resolve the issue I'm encountering.

Hi!

we are evaluating IRIS Data Platform as an OAuth2 Authorization Server with the use of the official Docker image. We currently struggle with the OAuth2 setup, as we are required to use https:// for the /oauth2/authorize and /oauth2/token endpoints, but the Docker container exposes only http:// in its default configuration. We have tried to find any hints in the docs but were not successful. Any help is appreciated.

Thanks

Klaus & Lukas

I'm trying to authorise my app using OAuth 2.0 i Cache. Sadly I'm unable to exchange the authorization code for an access token.

I am able to redirect user to the /authorize page, where the user can login and approve my app. The user is then correctly redirected back to my app and a ?code parameter is sent back.

Foreword

InterSystems IRIS versions 2022.2 and newer feature a redesigned functionality for JSON web tokens (JWTs). Once housed under the %OAuth2 class package, the JWT class, along with other JSON web classes (JWCs), now live under %Net.JSON. This migration occured in order to modularize the JWCs. Before, they were closely intertwined with the implementation for the OAuth 2.0 framework. Now, they can be maintained and used separately from OAuth2.

Hello,

I have been tinkering with FHIR recently and tried to update the FHIR servers Capability Statement after I made some changes. I updated an OAuth2.Issuer Service Registry entrys URL and needed to update the metadata which the FHIR server sends to the client so they can get the updated URL for the authorization server we use.

However, when I run the Console Setup tool with

LS,

Is there a samples on how to create the OAuth2 server from code? Now trying:

Hi,

I am trying to configure OAuth2 server to connect to Cerner Auth server to get FHIR API access token but I am getting the error "Discovery response not valid".

I can get the access token back okay from Cerner endpoint used in the OAuth configuration below via Postman and Manually sending the request via HTTP Operation from HealthShare, so the URLs I am using looks correct but the OAuth configuration is not working.

Hi all,

I'm performing a migration of some services from one instance to another, and I noticed that the technique defined within the InterSystems Server Migration Guide does not include OAuth client configurations. The recommended technique is to use the ##class(Security.System).ExportAll() and ##class(Security.System).ImportAll() methods.

Is there a way to migrate OAuth client configurations, or do those have to be re-created manually?

Hi Developers!

Here're the technology bonuses for the Security Contest 2021 that will give you extra points in the voting:

• Basic Authentication usage - 2
• Bearer/JWT Authentication usage - 3
• OAuth 2.0 usage - 5
• Authorization components usage - 2
• Auditing usage - 2
• Data Encryption usage - 2
• Docker container usage - 2
• ZPM Package deployment - 2
• Online Demo - 2
• Code Quality pass - 1
• Article on Developer Community - 2
• Video on YouTube - 3

See the details below.

Hi, Community!

We introduced new tags for the posts:

Terminal and OAuth2.

See the full list of tags.

Leave your requests for other new tags to introduce.

I'm trying to save a list of AccessTokens a user for a specific user. This way I could present it together with other user-data.

I have tried calling ##class(OAuth2.Server.AccessToken).OpenByCode(authCode) from %OAuth2.Server.Authenticate's AfterAuthenticate() method. This only returns things like State and AuthorizationCode, but the AccessToken is empty at this point (afterwards it becomes filled out).

Is there a way to achieve storing the AccessToken as part of the login system?