API via OAuth getting extended soon?

Any issue about Cyclos 4 scripting and Webservices

Moderators: rmvanarkel, hugo, alexandre

Post Reply
admin_de2
Posts: 78
Joined: Wed Dec 31, 1969 9:00 pm

API via OAuth getting extended soon?

Post by admin_de2 »

Dear Cyclossians,

we currently use the OAuth-adapter to let users login into internal pages of a website, displaying data from Cyclos and starting processes in Cyclos from the website.

Now, since access to the API via OAuth is very limited, we are keen to get a hint if the API via OAuth is getting extend version by version.
E.G., currently we would need webshop purchases.

Do you have a plan or roadmap for the OAuth-API here?

Thank you,
Thomas
rmvanarkel
Posts: 247
Joined: Tue Oct 05, 2010 1:14 pm

Re: API via OAuth getting extended soon?

Post by rmvanarkel »

Dear Thomas,

We implemented OAuth for a customer that paid for the scopes we currently have (see below). It isn't too hard to add some scopes so please let me know what you need. Please be aware normally we only do this when we have a budget for it. And please understand that I can't guarantee anything here.

Warm regards,

Roder


/**
* Standard openid scope, which enables the OpenID Connect features.
* When not requested, will be a plain OAuth2 authorization.
*/
OPENID(true),

/**
* Standard profile scope, which gives access to claims such as full name,
* login name, picture URL, custom fields and locale.
*/
PROFILE(true),

/**
* Standard email scope, which gives access to the user's e-mail address.
*/
EMAIL(true),

/**
* Standard phone scope, which gives access to the user's phone number.
*/
PHONE(true),

/**
* Standard address scope, which gives access to the user's physical address.
*/
ADDRESS(true),

/**
* Standard offline access scope, which enables refresh tokens.
*/
OFFLINE_ACCESS(true),

/**
* Get the current account status. Is never granted to administrators. Parameters:
* <ul>
* <li><code>type</code>: Restrict to a specific account type</li>
* </ul>
*/
ACCOUNT_STATUS(false, "type"),

/**
* Get the full account history. Is never granted to administrators. Parameters:
* <ul>
* <li><code>type</code>: Restrict to a specific account type</li>
* </ul>
*/
ACCOUNT_HISTORY(false, "type"),

/**
* Perform payments. Is never granted to administrators. Parameters:
* <ul>
* <li><code>to</code>: Payments to a specific user</li>
* <li><code>amount</code>: Payments with a specific amount</li>
* <li><code>currency</code>: Payments with a specific currency. When an amount is specified, this must also be,
* unless the authenticated user have accounts in a single currency.</li>
* </ul>
*/
PAYMENT(false, "to", "amount", "currency"),

/**
* Read the full user profile. Is never granted to administrators.
*/
PROFILE_READ(false),

/**
* Modify the full user profile. Is never granted to administrators.
*/
PROFILE_WRITE(false),
Post Reply