I am building an ouath 2.0 system in ruby on rails using Doorkeeper. My resource server is protected with doorkeeper_for method and is separate from the authorization server, and i am using the implicit grant flow. So i get the access token from the auth server and then make a request to the resource server in this way: localhsot:3000/pages?access_token=XXXX but when the resource server read the access token it try to looks for the token in its own database and not in the authentication server database so i get a 401 Unautorized error. How can i solve this?
Doorkeeper separate resource server from the authorization server
1.1k Views Asked by Alberto Pellizzon At
1
There are 1 best solutions below
Related Questions in RUBY-ON-RAILS
- How to display legend box in tooltip text for amCharts 5 in Rails application?
- how to integrate cashfree payment gateway in ruby on rails project
- RSpec Capybara throwing Selenium error when trying to click a button with browser confirm
- rails minitest not picking up fixture properly, instance variable not percolating
- Duplicate GET requests - Rails & Heroku
- How to stub out current_user in JWT model for Rspec?
- NameError in Home#index
- Verifying Google Identity OAuth2 token with Ruby
- Error WebMock::NetConnectNotAllowedError in testing with stub using minitest in rails (using Faraday)
- why is mission_control-jobs erroring with load path error?
- Rescuing validation errors from a polymorphic association
- New error on random number assigned to local variable , Rails
- How to fix error in model with gem lockbox
- Images uploaded via Active Storage not displaying in Active Admin or on certain devices
- controller test_methods generating two errors intermittently
Related Questions in OAUTH-2.0
- discord.py - Oauth2 - join user to guild
- Implementing Incremental consent when using both application and delegated permissions
- Verifying Google Identity OAuth2 token with Ruby
- spring security error Caused by: org.attoparser.ParseException: Exception evaluating SpringEL expression: s
- Encountering HttpError 403 and 500 When Using Google Sheets API with Service Account
- get refresh token in axios interceptor
- spring error exception with oauth2 and securityconfig
- What oauth 2.0 endpoint is used to validate a bearer token
- Not enough permissions to access API request https://api.linkedin.com/v2/me
- How to specify the client ID and redirect URI in Swagger OAuth2.0 configuration for Swagger UI?
- OAuth2 PHP change invalid_token response
- Call Databricks API from an ASP.NET Core web application
- Secure to share Access Token over public API using CORs?
- How to use Oauth in order to log‑in on .googleapis.com on almost any arbitrary endpoints domains from the web browser?
- OAuth access token attribute based reverse proxying of http ressources
Related Questions in DOORKEEPER
- How to find all Doorkeeper applications that have been authorized by the resource owner
- In Nextjs/App Router, How to pass httponly cookies in fetch request to API using server actions
- How to cancel a redirect_to and replace with render in a controller?
- How do I reconnect into the PKCE flow after an omniauth callback?
- Authorization Server with Rails 7, Devise and Doorkeeper
- Session Loss and Empty 'user_redirect_to' Variable in SAML-based Authentication for Rails OAuth 2.0 System
- Rails couldn't find a valid model for Doorkeeper::AccessToken association
- Authenticating with Rails API from React
- Can I generate a one time use token with doorkeeper specific to one API endpoint?
- OAuth2 flow for WordPress plugin
- Doorkeeper 5.4.0 ArgumentError
- Secure Action cable with Doorkeeper Authorisation
- Overriding Doorkeeper refresh token response
- How to implement a custom_access_token_expires_in method with Doorkeeper?
- Rails 7 secure API by API key
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
You should add a database connection to the authorization server, and in a
MyApp::Application.config.to_prepareblock instruct the relevantdoorkeepermodels to connect via those credentials.See https://github.com/applicake/doorkeeper/issues/266#issuecomment-26800252.