Authorization Server User's Guide(4.2)

Prerequisites

The reader of this information should be familiar with:

  • Representational state transfer (REST)

  • RFC 6749 - OAuth 2.0 Authorization Framework

The Authorization Server is a service provider that generates OAuth2 based access token to be used for calling REST APIs hosted on the HTTP/2 Server agent that requires the OAuth2 authorization process. The Authorization Server utilizes platform to run and can be configured to store provisioned scopes and registered clients either in file-based storage or database storage. We currently only support Oracle and PostgreSQL database for the database storage.

Preparing the Authorization Server requires a few steps, as described in Bootstrapping Authorization Server Credentials and Secrets(4.2).

Client Credentials Only

The Authorization Server supports only the OAuth2 "client_credentials" grant type currently.