Link Search Menu Expand Document

BETA FEATURE

Expect bad behavior and open issues

OAuth

An open standard for token-based authentication and authorization on the Internet.

Gancio supports OAuth 2.0, an authorization framework described in RFC 6749 that allows third-party applications to obtain limited access to an HTTP service on behalf of a resource owner, through the use of a standardized authorization flow that generates a client access token to be used with HTTP requests.

To obtain an OAuth token for a Gancio instance, make sure that you allow your users to specify the domain they want to connect to before login. Use that domain to acquire a client id/secret and then proceed with normal OAuth 2.


Create client

Create a new application to obtain OAuth2 credentials.

POST

/api/client

Request parameters

client_name string A name for your application
redirect_uris string Where the user should be redirected after authorization
scopes string Space separated list of scopes. If none is provided, defaults to event:write as it’s the only supported scope!
website string A URL to the homepage of your app

Example

curl -X POST \
        -d 'client_name=Wordpress Event Manager' \
        -d 'redirect_uris=https://noblogs.org/' \
        -d 'website=https://myapp.example' \
        http://localhost:13120/api/client

Returns

Application, with client_id and client_secret

{
   "name" : "Wordpress Event Manager",
   "scopes" : "event:write",
   "website" : "https://myapp.example",
   "client_secret" : "909029fa12797e6bdfb5baf5e379675dfa4e3ad4",
   "redirect_uris" : "https://noblogs.org",
   "client_id" : "0f377e34b2aaf517f7db534f32d26b0dd938fb6d"
}

List of scopes

  • event:write
    Grant access to add/update events.

Authorize a user

Displays an authorization form to the user. If approved, it will create and return an authorization code, then redirect to the desired redirect_uri. The authorization code can be used while requesting a token to obtain access to user-level methods.

/assets/thumbs/oauth_auth.png

GET

/authorize

Request parameters

response_type string Should be set equal to code
redirect_uri string Where the user should be redirected after authorization
scope string Should be event:write
client_id string client_id, obtained during app registration.

Obtain a token

POST

/oauth/token

Request parameters

client_id string client_id obtained during client registration
client_secret string client_secret obtained during client registration
scope string Should be event:write
grant_type string Set equal to authorization_code
code string A user authorization code, obtained via /authorize