WSO2 Identity Server (OAuth2 authorization grant without the PlayGround2 App)

When I came across the OAuth2 authorization code grant type of WSO2 Identity Server, I had to set up the playground2 app to test it. That was a very cumbersome process. Therefore I searched for an alternative way to make things happen. An easier way, actually. After doing some research I was able to come up with an easy solution. So today I'm going to share it with you. I hope it will be a help.

(01) First, log in to the Identity Server management console with your credentials. The default credentials are:
username : admin
password : admin

(02) Go to the Service Provider configuration page and create a Service Provider.

(03) Go to the Inbound Authentication Configuration setting and enable OAuth/OpenID connect

(04) Provide the callback_url as “https://localhost/callback”

(05) You can type the following in a browser (better to try in an incognito/private window)

https://localhost:9443/oauth2/authorize?response_type=code&client_id=< oauth client key >&redirect_uri=https://localhost/callback&scope=read

(06) You will be prompted to log in and then to approve the authorisation of the Service Provider.

  • You can use the same account you used to log in or any other valid user from the same tenant. (If you want to allow users from other domains, you need to enable the SaaS setting in the Service Provider Inbound Authenticator OAuth configuration.)

(07) Once you do that, you will be redirected, and you can find the code in the redirect URL shown in the browser.

(08) Copy the code value and use the curl command below to send a request to the token endpoint to get an access token:

curl -k -v --user <client_id>:<client_secret> -d "grant_type=authorization_code&code=<authorization_code>&redirect_uri=https://localhost/callback" https://localhost:9443/oauth2/token
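
Steps 05 to 08 can also be scripted. The following is an added example, not part of the original post: it builds the authorize URL, checks the redirect from step 07 before trusting the code, and prepares the same token request as the curl command. The function names are hypothetical, and the `state` parameter is an addition (a standard OAuth 2.0 parameter that ties the redirect to the request you started).

```python
import base64
import secrets
import urllib.request
from urllib.parse import urlencode, urlsplit, parse_qs

IS_BASE = "https://localhost:9443"           # Identity Server address used in the post
REDIRECT_URI = "https://localhost/callback"  # callback registered in step 04

def build_authorize_url(client_id, scope="read"):
    """Step 05: authorization request URL plus a random state value (added here)."""
    state = secrets.token_urlsafe(16)
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": REDIRECT_URI, "scope": scope,
                       "state": state})
    return f"{IS_BASE}/oauth2/authorize?{query}", state

def extract_code(redirected_url, expected_state):
    """Step 07: validate the URL the browser landed on and return the code."""
    parts = urlsplit(redirected_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != REDIRECT_URI:
        raise ValueError("redirect did not land on the registered callback")
    params = parse_qs(parts.query)
    if "error" in params:  # e.g. approval was denied in step 06
        raise ValueError("authorization failed: " + params["error"][0])
    got_state = params.get("state", [""])[0]
    if not secrets.compare_digest(got_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch, discard this response")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]

def build_token_request(client_id, client_secret, code):
    """Step 08: the POST that the curl command sends (built here, not sent)."""
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": REDIRECT_URI}).encode()
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return urllib.request.Request(
        f"{IS_BASE}/oauth2/token", data=body, method="POST",
        headers={"Authorization": "Basic " + basic,
                 "Content-Type": "application/x-www-form-urlencoded"})

if __name__ == "__main__":
    # Constructed client key; replace with the one from the Service Provider page.
    url, state = build_authorize_url("constructed-client-key")
    print("Open in a private window:", url)
```

The request object is only built, so nothing is sent until you pass it to `urllib.request.urlopen`. The `-k` flag in the curl command turns off certificate verification, which is only appropriate against a local test server.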
