Generate Nuxeo user token to be used in third party application

Hello, I have an application that should use Nuxeo API to list documents/rename them.. The issue here is that Nuxeo and my application have distinct user directories (and should stay that way..). My question is: Does Nuxeo expose a UI component (pop up for example..) for the user to type its credentials and pass me the token so that I can do some work on his behalf through Nuxeo API? If not I'm open to any suggestion that would solve my issue :) Thanks

0 votes

1 answers

166 views

ANSWER



Nuxeo implements OAuth2 - Authorization Code Grant Type https://doc.nuxeo.com/nxdoc/using-oauth2/, maybe it can help you

1 votes



Thanks for the reply! The issue with it is that everybody would have access to all documents that the client-id used would be authorized to.. I need to keep nuxeo user restrictions as they are so that's why I need to access the API with a user credentials and not an application client-id :(
07/16/2020

The user from your application already exists in the nuxeo database?
07/16/2020

Yes but with a different pseudo and might have other ones in several instances
07/16/2020

In oauth2, we have four roles

resource owner; client; authorization server; resource server;

the 'resource owner' is the 'user' (in this case is the nuxeo user); the 'client' is your 'application', (the application that should user Nuxeo API to list document/rename them…); the authorization server is the place where you get authenticated (in this case is Nuxeo); the resource server is the api that you will consume (in this case is Nuxeo too);

so basically the 'client-id' is not the 'user id' from nuxeo, it is just an identification for your application

07/16/2020