Hi all,
A partner of ours is working on machine to machine communication and asked how to save credentials in that case. At the moment he works with a separate pool user and a proxy that has the credentials in its configuration, but he hopes to get rid of the pool user and proxy.
What are his options?
Best answer by Vincent Doppenberg
Hello Boudewijn,
Without knowing the entire context, a typical way to do authentication in machine to machine scenarios is OAuth 2.0 Client Credentials. This will be supported by the platform as of version 2023.2. A solution that could already work is using the OAuth 2.0 Authorization Code flow and bootstrapping it manually one time, to obtain a refresh token and then using that refresh token to continuously obtain new access tokens and refresh tokens.
Both of these options still require a client_id and client_secret to be stored somewhere though, but storing this information in some kind of configuration file on the server is usually reasonable.
Hello Boudewijn,
Without knowing the entire context, a typical way to do authentication in machine to machine scenarios is OAuth 2.0 Client Credentials. This will be supported by the platform as of version 2023.2. A solution that could already work is using the OAuth 2.0 Authorization Code flow and bootstrapping it manually one time, to obtain a refresh token and then using that refresh token to continuously obtain new access tokens and refresh tokens.
Both of these options still require a client_id and client_secret to be stored somewhere though, but storing this information in some kind of configuration file on the server is usually reasonable.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
