Forum Discussion

Nav's avatar
Nav
Ace
7 years ago

To get Apiv2 authorization code without login page

Hi I got Apiv2 authorization code to use in my client application by using the below request   https://community.xxxxxxxxxx.co.uk/auth/oauth2/authorize?client_id=xxxxxxxxxxx&response_type=code&red...
  • HiteshKumar's avatar
    7 years ago

    Hi Nav

     

    I think you should use Session Key Authentication

     

    Please See the doc :

    https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=sessionauth

     

     

    Using this you can authorise the user by making this below call.

     

    curl -XPOST 'https://yourcommunity.com/restapi/vc/authentication/sessions/login?user.login=<login>&user.password=<password>'

     

    If you follow OAuth 2.0 implementation, authorise will be done on Lithium End only.

    If the user successfully logged in then it will redirect to the mention redirection Url along with auth code.Which can be used for further Api Call.

     

  • Nav's avatar
    Nav
    7 years ago

    Hi HiteshKumar,

    Thanks. You are right. The same I have implemented as below

    	$username = 'xxxx';
    	$password = 'xxxxx';
    	//Get session key from lithium
    	$login_fields = array(
    		'user.login' => $username,
    		'user.password' => $password,
    		'xslt' => 'json.xsl',
    		);
    	$response = drupal_http_request('http://community.xxxx.co.uk/restapi/vc/authentication/sessions/login', array(
    		'data' =>  drupal_http_build_query($login_fields),
    		'method' => 'POST',
    		'headers' => array('Content-Type' => 'application/x-www-form-urlencoded'),
    	)

    and passed restapi.session_key id along with actual request.

    I received what I wanted now. :) 

    Thanks.