Products Products
Support & Forums Support & Forums
Compliance Testing Compliance Testing
Labs & Sandboxes Labs & Sandboxes
Program Program
Co-Marketing Co-Marketing
Avaya Experience Platform Avaya Enterprise Cloud Avaya Client SDK Avaya Aura Platform See All Products Find Developer Resources

Avaya Experience Platform

Overview Interfaces Learning Support Options Compliance Testing

Avaya Enterprise Cloud

Overview Interfaces Learning Support Options Compliance Testing

Avaya Client SDK

Overview Programming Docs Developer Downloads Licensing Support & Testing

Avaya Aura Platform

Application Enablement Services Communication Manager Presence Services Snap-in Session Manager System Manager Session Border Controller
About DevConnect Support Submit Support Tickets Support Forums Other Support Options

About DevConnect Support

Support Options Support FAQs Supported Platforms and Interfaces

Submit Support Tickets

Procured System Support
For procurement issues or questions Remote Lab Support
For issues and questions related to DevConnect remote labs Membership & Program Support
For membership and program benefits questions General Support
For general issues not covered by the other support tickets

Support Forums

Avaya Client SDK AEServices DMCC APIs AEServices JTAPI AEServices Web Services Avaya Workspaces Avaya Experience Platform Orchestration Designer All Forums

Other Support Options

Product Notices Non-DevConnect Support Resources

Compliance Testing

About Compliance Testing Compliance Tested Solutions

About Compliance Testing

Compliance Testing Overview Avaya Interfaces Eligible For Testing Compliance Testing FAQs Compliance Testing Guide(s) (PDF)

Compliance Tested Solutions

DevConnect Marketplace Search Applications Notes

Labs & Sandboxes

Remote Labs Procurement Benefits

Remote Labs

Remote Labs Overview Avaya Aura Session Manager Avaya Aura AE Services & Communication Manager Self Services (Experience Portal) Avaya Proactive Outreach Manager Avaya Contact Center Elite

Procurement Benefits

About DevConnect Procurement Access/View Procurement Catalog Procurement FAQs DevConnect Procured System Support

Program

Program Overview Program Benefits Membership Options

Program Overview

DevConnect Membership Levels DevConnect Program Guide (PDF) DevConnect Program FAQs

Program Benefits

Membership Benefits DevConnect Procurement Co-marketing

Membership Options

Manage My Portfolio/Solutions Manage My Profile

Co-Marketing

Co-Marketing Benefits Relationship Benefits

Co-Marketing Benefits

Co-Marketing Overview Logos Marketplace Co-branded Collateral Select Product Program

Relationship Benefits

Social Media 8-and-Out Podcasts Sponsorships Advertising

Author Message
15/07/2021 05:12:53
Subject: External Authorization Client on BREEZE 3.8
#1
RahulJangam
Joined: Jun 8, 2009
Messages: 9
Offline
Hello experts,

I am trying to create an External Authorization client on the BREEZE 3.8. I want to use the client credentials flow which means, i do not need the redirection. Hence on the Add new External Authorization Client page, i do not need to add the redirect URL right?

Also, when I upload the certificate, all i need to do is to create JWT token using client id & certificate in the asked JWT format and then call the token URL which should then authenticate my request using JWT token and generate the bearer token.

next, I collect the bearer token and pass it in Authorization header while accessing the resource on the Resource Server.

Am i missing anything? Unfortunately there is no working example for client credentials flow except the documentation. hence i want it make sure my understanding is correct
PM
16/07/2021 05:31:32
Subject: External Authorization Client on BREEZE 3.8
#2
prasanna.kulkarni
Joined: Jun 1, 2015
Messages: 18
Offline

Hi Rahul,

I've got below answer from Breeze A&A experts:

You do not need redirect URL.
Please make sure grant_type=client_credentials

For
"Also, when I upload the certificate, all i need to do is to create JWT token using client id & certificate in the asked JWT format and then call the token URL which should then authenticate my request using JWT token and generate the bearer token."
>>make sure grant_type=client_credentials

For
Am i missing anything? Unfortunately there is no working example for client credentials flow except the documentation. hence i want it make sure my understanding is correct
>>
Steps are correct, can you use JWT view the token?
Make sure that resource server recognizes the token for information such as client_id, scope and etc.

Hope this helps.

Regards,
Prasanna
PM
20/07/2021 23:42:58
Subject: Re:External Authorization Client on BREEZE 3.8
#3
RahulJangam
Joined: Jun 8, 2009
Messages: 9
Offline
HI Prasanna,

Thanks for your response. I was successfully able to create external Authorization client using certificate and then got access token by sending JWT signed with PRIVATE key to Authorization token service. And using access token, i was able to validate it and use it in the Resource Server snap-in to serve by REST request. .

However, I still have question. How do i retrieve the scope for the bearer token sent in the API request? For example, i have read and write scope. And i want to cross check if the bearer token has read or write permission as per by REST API i.e. if someone calls a REST API that needs write permission but access token was generated using read permission only, i want to block this request. Where do i do this check within Resource server?

Thanks,
Rahul
PM
21/07/2021 22:50:49
Subject: External Authorization Client on BREEZE 3.8
#4
AMProduce
Joined: Jul 21, 2021
Messages: 1
Offline
I trying to configure my tools. If you can help me out please let me know.
PM
Go to:   
Mobile view