Answer the question
In order to leave comments, you need to log in
I
I
Igor2020-11-25 11:31:25
Igor, 2020-11-25 11:31:25
How to implement authorization for external services?
There is a task to write authorization for External services.
As such, there are no requirements yet, but they may suddenly appear.
For example, who, how much, when and where applied for data, revoke the token, and so on, but for now we will omit this.
Now in the application there is an almost standard authorization provided by Symfony tools.
In exchange for a username and password, Symfony gives JWT.
But this authorization is intended for users of the system.
Now we need to implement authorization for external integrations.
I am collecting material for the implementation of this feature.
In particular, the question is of interest.
If, with standard authorization, we pass a login / password pair and get a token.
Then, when authorizing with an external resource, we will exchange Client ID & Client Secret for code, and code for access_token
Everything is like in VKApi or Google auth.
In fact, the database should store information Client ID, Client Secret by analogy with users?
Would like to hear recommendations.
PS
Studying material
Here is some material on the topic to study
Similar questions
M
1
P
M
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question