OAuth2

Learn how to log users in and out with REST Level 2 requests and OAuth 2.0 Authorization Code flow with PKCE.

Labels
AJAX(112) App Studio(7) Apple(1) Application Builder(245) Application Factory(207) ASP.NET(95) ASP.NET 3.5(45) ASP.NET Code Generator(72) ASP.NET Membership(28) Azure(18) Barcode(2) Barcodes(3) BLOB(18) Business Rules(1) Business Rules/Logic(140) BYOD(13) Caching(2) Calendar(5) Charts(29) Cloud(14) Cloud On Time(2) Cloud On Time for Windows 7(2) Code Generator(54) Collaboration(11) command line(1) Conflict Detection(1) Content Management System(12) COT Tools for Excel(26) CRUD(1) Custom Actions(1) Data Aquarium Framework(122) Data Sheet(9) Data Sources(22) Database Lookups(50) Deployment(22) Designer(177) Device(1) DotNetNuke(12) EASE(20) Email(6) Features(101) Firebird(1) Form Builder(14) Globalization and Localization(6) How To(1) Hypermedia(2) Inline Editing(1) Installation(5) JavaScript(20) Kiosk(1) Low Code(3) Mac(1) Many-To-Many(4) Maps(6) Master/Detail(36) Microservices(4) Mobile(63) Mode Builder(3) Model Builder(3) MySQL(10) Native Apps(5) News(18) OAuth(9) OAuth Scopes(1) OAuth2(13) Offline(20) Offline Apps(4) Offline Sync(5) Oracle(11) PKCE(2) Postgre SQL(1) PostgreSQL(2) PWA(2) QR codes(2) Rapid Application Development(5) Reading Pane(2) Release Notes(183) Reports(48) REST(29) RESTful(29) RESTful Workshop(15) RFID tags(1) SaaS(7) Security(81) SharePoint(12) SPA(6) SQL Anywhere(3) SQL Server(26) SSO(1) Stored Procedure(4) Teamwork(15) Tips and Tricks(87) Tools for Excel(2) Touch UI(93) Transactions(5) Tutorials(183) Universal Windows Platform(3) User Interface(338) Video Tutorial(37) Web 2.0(100) Web App Generator(101) Web Application Generator(607) Web Form Builder(40) Web.Config(9) Workflow(28)
Archive
Blog
OAuth2
Tuesday, March 15, 2022PrintSubscribe
RESTful Workshop Lessons

This workshop is designed to empower both individual developers and teams to create amazing enterprise-quality backends for mobile and web applications. Zero experience and no code is required to provide your data with the REST API conforming to the Level 3 of Richardson Maturity Model with the built-in OAuth 2.0 and Open ID Connect.

Follow the purposefully constructed lessons that will build up your confidence and help master the RESTful API development. You will begin by creating the backend application and make several embedded single-page apps. You will learn to configure the backend to act as an OAuth 2.0 server. You will create the standalone single-page app that can be hosted on any web server and operating system. It will interact with the RESTful API of the backend application to authenticate users and fetch data. You will learn how to use the app created with Code On Time to provide the backend for a generic device with the limited input capabilities. The built-in Device Authorization Flow makes it possible to integrate your apps into the physical world of IoT and make them future-proof.

Learn to build RESTful applications with the self-documenting API and amazing front-end.

Reading Pane split view in the application created with Code On Time.
Reading Pane split view in the application created with Code On Time.

An example of the RESTful resource data with the embedded hypermedia.
An example of the RESTful resource data with the embedded hypermedia.

Wednesday, February 9, 2022PrintSubscribe
Lesson: Standalone SPA5 with REST Level 2 and OAuth 2.0

This client app is the look-alike of the SPA4. It works with the REST resources directly. The HTTP methods and URLs are embedded in the code. If you have fallen in love with the hypermedia, then you may find it as a disadvantage. If you are not convinced and prefer the traditional REST, then use this client app as the foundation for your next hybrid or native application. This app in the lesson displays a list of products from the RESTful application created with Code On Time. Its users are authenticated with OAuth 2.0 Authorization Code flow with PKCE. The user picture and email are extracted from JWT courtesy of OpenID Connect.

What is different? This app is not taking advantage of the hypermedia. Instead it makes use of the REST resources with the appropriate HTTP methods. Hence the REST Level 2 designation according to the Richardson Maturity Model.

Standalone SPA5 with REST Level 2 and OAuth 2.0
Standalone SPA5 with REST Level 2 and OAuth 2.0

Monday, February 7, 2022PrintSubscribe
Lesson: Standalone SPA4 with RESTful Hypermedia and OAuth 2.0

The purpose of this tutorial is to create a standalone Single Page Application that uses the Authorization Code Flow with PKCE to authenticate the end users. The user picture and email are extracted from JWT courtesy of OpenID Connect. This app can be hosted on any web server of your choice.

Start the Standalone SPA4 with RESTful Hypermedia and OAuth 2.0 segment.

Standalone SPA4 with RESTful Hypermedia and OAuth 2.0
Standalone SPA4 with RESTful Hypermedia and OAuth 2.0

The user interface of anonymous user in the standalone SPA4 with RESTful Hypermedia and OAuth 2.0
The user interface of anonymous user in the standalone SPA4 with RESTful Hypermedia and OAuth 2.0

Account Access consent form presented to the user during the OAuth 2.0 Authorization Code flow with PKCE in the application created with Code On Time.
Account Access consent form presented to the user during the OAuth 2.0 Authorization Code flow with PKCE in the application created with Code On Time.

Account selector allow users to switch their identity when a client app is requesting account access.
Account selector allow users to switch their identity when a client app is requesting account access.