Authentication process
Hi , I am working on web service call to Lithium for pulling the data and display on our sites. As part of this implementation ,the first call made is to get authenticated and obtain a valid toke...
Forum Discussion
Hi Hari329
welcome to the forum. In terms of authentication, you will need to manage expired tokens. You can either use the standard username/password authentication system with session token, or use the new OAuth 2.0 auth grant flow
- http://community.lithium.com/t5/Community-API/bd-p/developers-rest-api?page=authentication
- http://community.lithium.com/t5/Community-API-v2/OAuth-2-0-authorization-grant-flow/ta-p/138402
In OAuth 2.0 you still need to handle expired access tokens and refresh tokens (more info here)
If you are looking into reducing the amount of calls made you should investigate if the Studio Endpoints are a viable alternative in your use case.
I hope this is helpful,
Hi Paolo,
Thanks for the input.
Please correct me if I my understanding is not correct - as per OAuth 2.0 authorization grant flow process , user will be taken to log in page first time to enter credentials and then lithium authenticates request based on credentials & accept same authenticated access token for next 24 hours.
Is there any way we can pass these credentials programmatically so that it won’t ask end user to enter credentials ?
In our requirement , we are going to call our lithium community site for pulling data and display to customer. We can’t redirect to log in screen of lithium for the first time for the authentication process.
Please correct me if my understanding is not correct.
Thanks,
Hari
