This OAuth2 client app first obtains an Access Token from the Authorization Server with which the VOOT Resource Server can be accessed to query protected resources.

1 OAuth Settings

OAuth Client Id

The client must have obtained the key out-of-band during the registration process

OAuth secret

The secret (normally a UUID) is also obtained out-of-band by the client during the registration process

OAuth scopes (space-separated, case-sensitive)

The scope for which to grant access

OAuth grant type Authorization code Implicit Client Credentials

A credential representing the resource owner's authorization (to access its protected resources) used by the client to obtain an access token

Use no redirect URI

Check the above to ensure we don't use the playground redirect-uri. Then after the authorization code is granted you will be redirected to the pre-configured redirect for this client. This of course depends on which authorization server you are using.

AccessToken URL

The access token endpoint of the Authorization server

Authorization URL

The authorization endpoint of the Authorization server

2 OAuth Authorization

Authorization URL

<p class="help-block">The URL to redirect to for user authentication
                </p>

<div class="buttons">
                  <button name="step2" class="c-button">Next</button>
                  <button name="reset" class="c-button">Reset</button>
                </div>
              </div>
            </div>
          </div>
        </div>

<div class="panel panel-default">
          <div class="panel-heading" role="tab" id="step3heading">
            <h4 class="panel-title">
              <a data-toggle="collapse" data-parent="#mainOptions" href="#step3" aria-expanded="false"
                 aria-controls="step3">
                <span class="badge">3</span><span class="badge-label">OAuth Requests</span>
              </a>
            </h4>
          </div>
          <div id="step3" class="panel-collapse collapse" role="tabpanel" aria-labelledby="step3heading">
            <div class="panel-body">
              <div class="fields">
                <label for="accessToken">Access token</label>
                <input id="accessToken" type="text" th:field="*{accessToken}" class="input-xlarge" readonly="true"/>

<p class="help-block">Note: this is the accessToken for
                  all subsequent OAuth queries</p>
                <label for="requestURL">API Request </label>
                <input id="requestURL" type="text" th:field="*{requestURL}" class="input-xlarge"/>

<p class="help-block">An endpoint on the <a href="http://openvoot.org/protocol/"
                                                            target="_blank">VOOT</a> Resource server</p>

<div class="buttons">
                  <button name="step3" class="c-button">Fetch</button>
                  <button name="reset" class="c-button">Reset</button>
                </div>
              </div>
            </div>
          </div>

</div>
      </div>
      <input id="step" type="hidden" th:value="${settings.step}" name="step"/>
      <input id="parseAnchorForAccessToken" type="hidden" th:value="${parseAnchorForAccessToken}"/>
    </form>
    <div class="col-md-4">
      <div id="request">
        <div class="alert alert-info alert-http">HTTP Request</div>
        <pre id="requestInfo" class="prettyprint pre-scrollable pre-json" th:text="${requestInfo}">requestInfo </pre>
      </div>
      <div id="response">
        <div class="alert alert-info alert-http">HTTP Response Headers</div>
          <pre id="responseInfo" class="prettyprint pre-scrollable pre-json"
               th:text="${responseInfo}">responseInfo</pre>
      </div>
      <div id="raw-response">
        <div class="alert alert-info alert-http">HTTP Response Body</div>
          <p th:text="${responseTime}"></p>
          <pre id="rawResponseInfo" class="prettyprint pre-scrollable pre-json"
               th:text="${rawResponseInfo}">responseInfo</pre>
      </div>
    </div>
  </div>
</div>

</body>
</html>