- Log in to post comments
User bio
404 bio not found
Member since Dec 4, 2015
Posts:
Marvin has not published any posts yet.
Replies:
Consider the flow of the access token:
1. Client requests the access token.
2. authorization server authenticates user and issues token
3. client receives token -- IsAuthorized will now return 1 in the same CSP session
4. client uses access token in Authorization header to authorize to resource server.
5. The resource server knows nothing about the access token at this point. In order to validate the access token, the resource server either needs to check signatures (%SYS.OAuth2.Validation:ValidateJWT) or contact the authorization server (%SYS.OAuth2.AccessToken methods GetUserinfo or GetIntrospection). Exactly which method to use depends on how the authorization server is configured. The standards do not specify in detail. You need to contact the authorization server support folks.
- Log in to post comments
If you are generating access tokens, then you are probably on the server where the access tokens are stored in OAuth2.Server.AccessToken. OAuth2.AccessToken is where the access tokens are stored on the client.
Both of these tables must be accessed from the %SYS namespace and privileges to access CACHESYS database are required.
- Log in to post comments
Certifications & Credly badges:
Marvin has no Certifications & Credly badges yet.
Followers:
Marvin has no followers yet.
Following:
Marvin has not followed anybody yet.
Why do you need EnsLib.EDI.XML.Document? If you already have persistent classes, then you can use the persistent classes in many places where EnsLib.EDI.XML.Document can be used.