I published web site to IIS on Windows 10. If I try login to website through forms by url http://localhost, I can access to system. But If I try login by url ht
I am stuck on a issue with Twitter-ads-api. I have completed the authorization and got the oauth-verifier token, but after this I am stuck on how to request for
I am trying to follow a tutorial for an image upload application For Vue.js however I am unable to authenticate with OAuth2 for Imgur. I am following exactly wh
At my work, I have a task to search and find solutions to implement the ABAC authorization in our microservices organized in a monorepo. We have some products a
I have an application behind an SAML Service Provider. That means, the SP does authentication for me and I get user data in HTTP request headers (like SP_USER_N
We are switching to new Java 17 and new WildFly 26. Using older Java, we had a custom login module class which extended org.jboss.security.auth.spi.DatabaseServ
I have a Google apps script project which I use as a web application to save some data gathered from a web page (JavaScript only) to My Google sheets (think of
I have an MSAL app that creates authentication tokens for accessing various Microsoft APIs. I provide the app specific scopes, and it creates a corresponding au
I have admin pages in Next js that only authorized users should have access to. I have a cookie verification service: import { NextApiRequest } from 'next' impo
So I have a simple flask app. Logging in creates a token: token = jwt.encode({'user': token_data}, app.config['SECRET_KEY']).decode('utf-8') The middleware loo
I read the article from link and understand there are 3 ways to define abilities. But I have no clue to combine them together. For example, In the three struct
I am trying to properly implement Authorization Code flow for a 3rd party REST api for my users to use. However, I am not sure if I am doing it correctly with t
It is supposed to get all the guilds a user is joined in. It gets the bearer auth right, but it always errors with code 401. When using a external API (https://
I am currently working with a group of applications that are running on two separate, but equivalent, environments (Referred to as ENV1 and ENV2). I have been u
I'm having a problem getting a user to be authorized. I'm making a web Api and in the controller where the login method is, it creates a token (JWT Token / Bear
In the web application I'm currently working on there is a requirement for all users to be authenticated. This is currently handled by using an AuthorizeFilter.
Having a few minor issues with role based authorization with dotnet core 2.2.3 and Keycloak 4.5.0. In Keycloak, I've defined a role of 'tester' and a client rol
I am using this GitHub's API to generate an access token for the user (mobile app), using this tutorial: https://developer.github.com/apps/building-oauth-apps/
I would like to know whether there is any security benefit to using OAuth2 for authorization where all clients are developed, owned and controlled by the API de
I would like to know whether there is any security benefit to using OAuth2 for authorization where all clients are developed, owned and controlled by the API de