TheDude
/
openproject
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58315 Commits
139 Branches
203 Tags
1.2 GiB
 
 
 
 
 
 
Tag: Branch: Tree: 49abb1bc33
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '49abb1bc33'
${ noResults }
openproject/docs/system-admin-guide/authentication/oauth-applications/README.md

60 lines
2.2 KiB
Raw Blame History

---
sidebar_navigation:
title: OAuth applications
priority: 900
description: OAuth application settings in OpenProject.
robots: index, follow
keywords: OAuth application settings
---
# OAuth applications
To activate and configure oauth applications, navigate to -> *Administration* -> *Authentication* and choose -> *Oauth applications*.
## Add a new authentication application for oauth
To add a new oauth application, click the green **+ Add** button.
![Sys-admin-authenticatoin-oauth-applications](Sys-admin-authenticatoin-oauth-applications.png)
You can configure the following options to add your oauth application.
1. Enter the **name** of your oauth application.
2. **Define redirect URLs** where authorized users can be redirected to.
3. Check if the application will be used **confidentially**.
4. Choose **client credential flows** and define a user on whose behalf requests will be performed.
5. Press the blue **Create** button to add your oauth application.
![Sys-admin-authentication-add-oauth-application](Sys-admin-authentication-add-oauth-application.png)
## Oauth endpoints
The authentication endpoints are at
* Auth URL: `https://example.com/oauth/authorize`
* Access Token URL: `https://example.com/oauth/token`
## Performing request to the OpenProject API with OAuth token
The following CURL command fetches all projects from the API V3:
`curl --location --request GET 'https://example.com/api/v3/projects' --header 'Authorization: Bearer <your-access-token>'`
## Using Postman with oauth?
Set redirect URLs to `urn:ietf:wg:oauth:2.0:oob` in both, for your application (see step 2 above) and
within Postman.
In Postman the configuration should look like this (Replace `{{protocolHostPort}}` with your host,
i.e. `https://example.com`)
![Sys-admin-authentication-add-oauth-application](Sys-admin-authentication-oauth-postman.png)
## CORS headers
By default, the OpenProject API is _not_ responding with any CORS headers.
If you want to allow cross-domain AJAX calls against your OpenProject instance, you need to enable CORS headers being returned.
Please see [our API settings documentation](https://docs.openproject.org/system-admin-guide/system-settings/api-settings/) on
how to selectively enable CORS.