Re: Redirection to another application using UAA : Best Practices required
Sree Tummidi
Please see my answers inline
1. We are using "password" grant type and wanted more information : Do we
have any api to authenticate and redirection to the url ?
*[Sree]: Its not clear to me why you are using the Password Grant. We
handle redirection only for UI based grant types which is either
Authorization Code or Implicit.*
*Password Grant should be only used with native apps or if you want to be
in control of the login experience in which case there is no redirection
because your application will serve a login page and collect the username
and password and then hit the token endpoint with username, password ,
client id and client secret .*
2. In case we are using authorization code grant type & have single client
for multiple user. Post the authentication do we get same authorization
code for each user or different for each user ?
*[Sree]: The codes and tokens are generated per user*
Thanks,
Sree Tummidi
Staff Product Manager
Identity - Pivotal Cloud Foundry
On Wed, Sep 28, 2016 at 6:57 AM, Rajan vakharia <rajan.vakharia(a)gmail.com>
wrote:
1. We are using "password" grant type and wanted more information : Do we
have any api to authenticate and redirection to the url ?
*[Sree]: Its not clear to me why you are using the Password Grant. We
handle redirection only for UI based grant types which is either
Authorization Code or Implicit.*
*Password Grant should be only used with native apps or if you want to be
in control of the login experience in which case there is no redirection
because your application will serve a login page and collect the username
and password and then hit the token endpoint with username, password ,
client id and client secret .*
2. In case we are using authorization code grant type & have single client
for multiple user. Post the authentication do we get same authorization
code for each user or different for each user ?
*[Sree]: The codes and tokens are generated per user*
Thanks,
Sree Tummidi
Staff Product Manager
Identity - Pivotal Cloud Foundry
On Wed, Sep 28, 2016 at 6:57 AM, Rajan vakharia <rajan.vakharia(a)gmail.com>
wrote:
HI Sree,
Thanks for your inputs, we have couple of questions can you please try to
address them as well?
1. We are using "password" grant type and wanted more information : Do we
have any api to authenticate and redirection to the url ?
2. In case we are using authorization code grant type & have single client
for multiple user. Post the authentication do we get same authorization
code for each user or different for each user ?
Thanks,
Rajan Vakharia