Of course, in between, I had a short family vacation in Phuket, Thailand where I ran the 10th Laguna Phuket International Marathon.
Back to today's topic ... Lets's assume a scenario as follows:
- OpenAM acts as a OAuth 2.0 Provider
- An application is protected with OAuth 2.0 (aka it is OAuth 2.0 Client enabled)
When an user access the application for the 1st time, the OAuth 2.0 client will redirect to the OAuth 2.0 provider. In this example, the OAuth 2.0 provider is OpenAM. Thus the OpenAM Login Page will be displayed.
After successful authentication, OpenAM will present the user with an authorization decision page.
When the user entry is updated, the aooauth2consent attribute will be populated with the following data format:
[oauth 2.0 client name] [attribute1] [attribute2] [attribute3] ...
Now, in some scenarios, for example Intranet applications, customers would not like the authorization decision page to be shown. How can we workaround this since OpenAM does not have the capability to hide this page at the moment?
The simple solution is to provision directly to the LDAP, specially the oauth2consent attribute with the data format shown above.