-
Description This is a long shot, but I'm in dire need of advice. If you know of a more appropriate subreddit (or any other community for that matter) for this type of question please share! I'm working with a legacy OAuth system using email + password grant type (deprecated, I know: it's out of my control). I have to somehow connect this authentication service with a database backend for which I have an API key for. Ideal flow
Things I've considered
|
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
You can probably use the regular bearer token authenticator for this! It doesn’t care how the token was issued, only checks if it is valid! |
Beta Was this translation helpful? Give feedback.
-
@aeneasr I don't believe the bearer token authenticator allows for body fields (such as our client_id and client_secret) that are required for the introspection request. Please correct me if I'm wrong (I hope I am!) |
Beta Was this translation helpful? Give feedback.
-
@aeneasr I was able to accomplish this with the feature included in this MR. |
Beta Was this translation helpful? Give feedback.
@aeneasr I was able to accomplish this with the feature included in this MR.