We have a mobile application in which we want to integrate aws lex chatbot.We are using wso2 authentication for mobile app to authenticate user. Can we propogate this wso2 access token to authenticate user in lex chatbot as well?
Related
I have a react application which uses Amplify to connect to AWS cognito userpool. I wanted to connect zendesk to this userpool using SAML, so that any user, logged into my react application should automatically get logged into zendesk.
I went through zendesk's documentation for SSO and it supports SAML based authentication. But on congito side, it doesn't support SAML as an Identity Provider.
Can somebody please help me understand the right way of connecting these two applications?
I use WSO2 API Manager 2.5.0 and authorization code grant for getting access token. But now I need to authenticate my mobile client. I can't keep client secret at mobile client. And I found that authorization code grant support Proof Key for Code Exchange (PKCE) without necessity to send client secret on the second step of the flow (https://www.oauth.com/oauth2-servers/pkce/). But I not found any setting in WSO2 API Manager Store connected with PKCE.
Is authorization code grant using PKCE supported in WSO2 API Manager?
I am new to WSO2 API Manager. I have installed it to proxy my REST endpoints and to do access management via oAuth2.
Great! I managed to get access to my backend REST implementation through the oAuth2 process of API Manager (via API console). Now I want to setup the complete roundtrip starting from a user authentication process where identity is verified with corresponding roles. So...
Next I want to create a single page app and bring an authentication step by either redirect the user to a login page (authentication service) or let the user interact with single app page directly and let the single app page do the login to some authentication service.
Question:
Can I use the Key Manager component of the API Manager to handle user authentication (oAuth2 based) or do I need to install the WSO2 Identity Server to handle the authentication?
I see that WSO2 API Manager can host Users and Roles, a User Store and an endpoint to handle (authz) token requests, but can it also handle a login (authentication) request from my single app?
You can use APIM with OAuth2 Authorization code grant type. See this sample in identity server docs, but use below endpoints of APIM instead of IS endpoints.
https://localhost:8243/authorize
https://localhost:8243/token
Is there any token based Rest API, for authentication using wso2, like openam provides REST API for authentication.
I can see there is available for OAuth token api
https://docs.wso2.com/display/IS450/OAuth+Bearer+Token-based+Authentication+for+SCIM+Endpoints
but for STS, Is there any REST API for example I am login using Username Password and I got security token I can use it session.
I had check saml SSO api example contain servlet , didn t work out for me
I have independent play web applications, my scenario is
web app1 login to wso2 ,
get sso token and saml token
suppose saml token expire in 10 min
web app1 can renew session using sso token,
And then request for a new saml token
Question is
WSO2: how does my app can refresh
login session using some token
If there is any API or using any REST API how this token is managed and re generated if SSO token is expired after some time
Thanks,
I am very new to wso2 API manager. Sometimes an application might need to call a service in another application on behalf of a user. How can we make this in wso2 API manager by configuring Signed JWT Authenticator as like Google OAuth 2.0 Authorization Server?
If user is authenticated by saml2 in the application, then application can get the oauth token using saml token and invoke the apis on behalf of user.
check following links for more detail
1.http://shafreenanfar.blogspot.in/2014/02/exchanging-sml2-token-to-oauth2-token.html
2.http://pushpalankajaya.blogspot.in/2014/01/invoking-apis-using-web-app-with-oauth2.html