You should be able to create a new class in whatever database you're doing this in, no parent class needed.
Within that class define a ValidateUser class method as above. It should check their credentials and confirm a user exists. If you're using the Caché users table you can use the example above, otherwise you'll need to open the relevant person class and pull the relevant fields from there. Then set the claims that you want to send back to the client based on which scopes you're using. You can set claims with:

Do properties.SetClaimValue("name",tUser.Name)

You can check scopes with something like:


Then in the portal under System Admin -> Security -> OAuth2 -> Server. Go to the Customization tab and change the Validate User Class to your new class name. That will make the OAuth processing look there for a ValidateUser method and call it.



Hi Yani,

I just pushed a working example of using OAuth in an Angular 1 application. It should be helpful to you. See the widgets-direct demo project here:

For help configuring the authorization server see Dan Kutac's articles here on the developer community. The key points in this case are allowing the implicit grant type, the token response type, and properly setting the redirect URL. 

Let me know how it goes for you.