diff options
author | Frederick Muriuki Muriithi | 2023-05-30 11:45:23 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-05-30 11:48:38 +0300 |
commit | 8098b21101084212e8c5ed93556892131b8aea58 (patch) | |
tree | 479c3d7154d6b5db49557f5ca112ed2f889e29c0 | |
parent | 4040cb75d1ace71dfcba781534354824b05f0bdf (diff) | |
download | gn-gemtext-8098b21101084212e8c5ed93556892131b8aea58.tar.gz |
Update docs on registering OAuth2 clients.
-rw-r--r-- | topics/authentication/oauth2_clients.gmi | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/topics/authentication/oauth2_clients.gmi b/topics/authentication/oauth2_clients.gmi index 36f5eee..b5fc6cf 100644 --- a/topics/authentication/oauth2_clients.gmi +++ b/topics/authentication/oauth2_clients.gmi @@ -40,13 +40,13 @@ of the form: ### Registering a new OAuth2 Client -* **TODO**: Implement client registration then provide docs here. +To enable the clients (such as GN2 and QC mentioned above) to work with the authentication and/or API server (GN3), we need to register them. We do that on GN3, and only an administrative user has that ability. -**NOTES**: +The administrative user logs on to GN3 on the `/api/oauth2/admin/login` endpoint. Once logged on, they can visit the "Register OAuth2 Client" page on the `/api/oauth2/admin/register-client` endpoint. There they can provide the necessary information, and select from a set of options that apply to the client they are registering. -* Collect appropriate client data and register (provide means) -* Get registered client's "CLIENT ID" and "CLIENT SECRET" values -* Configure values on client +Once the admin submits the registration information, the system will generate CLIENT_ID and CLIENT_SECRET values and show them. The CLIENT_SECRET value is stored encrypted in the system and there is no way to retrieve it once the user navigates it away from the registration page. + +The CLIENT_ID and CLIENT_SECRET values are then added to the client's (e.g. GN2) configurations to enable the client access the servers. ## User Authentication/Authorisation |