-
Notifications
You must be signed in to change notification settings - Fork 3
Authentication: Server side web application flow
Håkon André Knudsen edited this page Sep 25, 2019
·
2 revisions
This flow is designed for web applications with servers that can store information and maintain state.
The SDK provides two methods, GetServerSideAuthenticationLink and LoginWithAuthorizationCodeAsync. Your application should call GetServerSideAuthenticationLink to get the link used to redirect the user to the RamBase authorization server. The method takes your callback url as a parameter.
string authLink = rbApi.GetServerSideAuthenticationLink("https://example.com/oauth2callback");
In an ASP.NET Core controller you could return the Redirect result:
return Redirect(rbApi.GetServerSideAuthenticationLink("https://example.com/oauth2callback"));
After the user has authorized your application they will be redirected to the callback url you provided. The callback will include an authorization code as a query parameter. You will need to exchange that code into an access token. For example in an ASP.NET controller:
[HttpGet]
public async Task<IActionResult> ExchangeAuthorizationCode([FromQuery] string code)
{
await _api.LoginWithAuthorizationCodeAsync(code, "https://example.com/oauth2callback");
return Ok("Authorized");
}