AnsweredAssumed Answered

oAuth2 automated silent authentication

Question asked by zigfel on Apr 29, 2016
Hello,

Context:  We have an automated Application that connect to Alfresco API to read Document Metadata

We need to access Alfresco cloud via the API.  When getting the Authorization code, the call return the oAuth authentication form.  If I enter manually the proper Authentication credentials, I received the Authentication code that I can successfully exchange for a token in a subsequent request.

I would like to know if it's possible to pass a parameter to get the authorization code without user manipulation?

Chrome API as a similar parameter (https://developer.chrome.com/apps/app_identity ):


chrome.identity.getAuthToken({ 'interactive': true }, function(token) {
  // Use the token.
});

User interaction

When calling getAuthToken, you can pass a flag ('interactive': true in the example above) indicating whether you want the API to be called in interactive mode or silent mode. If you invoke the API in interactive mode, the user is shown a sign in and/or approval UI when necessary, as shown in the screenshot below:

screenshot showing UI when an app uses the Identity API
     to authenticate a Google account
If you invoke the API in silent mode, the API will only return a token if it's possible to produce one without showing any UI. This is useful in cases when an app is doing the flow at app startup, for example, or in general in cases where there is no user gesture involved.


I used the following documentation and the oAuth authentication form is the one shown in the middle of the page (http://docs.alfresco.com/5.1/pra/1/concepts/pra-authorize.html).

Thanks for your help

Outcomes