Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

OIDC: API only login#13662

Majardom started this conversation inFeature Requests
Jun 25, 2024· 1 comment
Discussion options

Hi,

I am planning to build my own API on top of this solution so I am interested in using only API calls without an UI. I configured OIDC and I am able to login using user interface.

Is it possible to authenticate via API calls?

I can see that to send authenticated request I need "Coder-Session-Token" as a header or query parameter but I not completely understand how to get that token via API using OICD authentication.

You must be logged in to vote

Replies: 1 comment

Comment options

Emyrk
Aug 2, 2024
Collaborator

@Majardom the problem you will run into is the OIDC "allow" page.

The flow is:

  1. Hithttps://deployment.coder.com/api/v2/users/oauth2/github/callback. This returns a 307 redirect to the OIDC/oauth provider
  2. Follow redirect tohttps://github.com/login/oauth/authorize?...
  3. This is where you hit the "allow" page

github-oauth2-prompt

  1. After allow, you get a 302 redirect back tohttps://deployment.coder.com/api/v2/users/oauth2/github/callback?coder=..... The code works, and you get a 307 to/workspaces with a cookie that contains the session token.

So a headless auth flow for OIDC can only work if the IDP can do so headless. Which probably will not work for initial auth flows, but you can sometimes do it with subsequent auth flows if everything has been approved before.

I think what would work best for you is not implemented yet, but described in this issue:#11901

You must be logged in to vote
0 replies
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Labels
None yet
2 participants
@Majardom@Emyrk
[8]ページ先頭
©2009-2025 Movatter.jp