Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Starting with v0.7, Giles has a two part authentication mechanism. First, it requires applications to send an app token (generated by Giles for a specific app) and the token of an identity provider to authenticate a user. Giles then generates a shorter-lived authentication token specifically for Giles that can be used to use Giles' REST Api on behave behalf of a user.

To register an application with Giles:

...

Warning

Never share Giles access tokens and keep them safe. Anyone with an access token can use Giles API on your apps app's behalf.


Status
colourYellow
titleOpenId
 In order to be able to authenticate users via an OpenId Connect token, in addition to the steps described above, any application also needs to register their client id. To do this, go to Giles' system config page and add the client id (not the secret!) that your OpenId provider (currently Google) generated for your application to the list of registered client ids. If you try to authenticate a user with an OpenId token of an unregistered application, Giles will respond with:

...