We're updating the issue view to help you get more done. 

Allow REST authentication via OAuth

Description

  • Zanata should serves as authorization server

  • REST services should recognise OAuth access token - as an alternative for API key

  • Not considering JWT in this implementation

  • System property (disabled by default) to disable OAuth

  • System property for the timeout for access token

  • Needs to be tested from end to end, e.g. mock/existing client

Future tasks:

  • URI for client id

  • Page for user to revoke access

  • Page for admin to review OAuth tokens

  • JWT for token

  • Pre-registered client to Zanata

Status

Assignee

Patrick Huang

Reporter

Alex Eng

Tested Version/s

None

Story Points

5

Time Tracking

10h

Sprint

None

Fix versions

Priority

unspecified