
Django OAuth- Separate Resource and Authorization Server


According to the django-oauth-toolkit implementation, the resource server first checks whether the access token is present in its own DB.

If the access token is not present, it checks whether an introspection URL and an introspection token are available in settings. If the introspection settings are available, the resource server tries to validate the user's token against the introspection endpoint.

So the issue seems to be that the AUTH SERVER and DRF might be returning 403 Forbidden since the permission is set as IsAuthenticated. This could be due to either an invalid token or an invalid user.

So create a user for the resource server and then create an application for that resource server user.

When creating the application, use:

    from oauth2_provider.models import Application

    client_type=Application.CLIENT_CONFIDENTIAL
    authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE

Then generate a token through the admin site and update the resource server's INTROSPECTION setting with the newly created token. Make sure you set the appropriate scopes while creating the token.
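The round trip described in the answer above, as an added example that is not part of the original post or of django-oauth-toolkit's own code: a stub authorization server exposes the introspection endpoint, and a small client reproduces what the resource server does for a token it does not hold locally (POST the user's token as a form field, authenticated with the resource server's own token from the OAUTH2_PROVIDER settings). Running it shows the two failure modes the answer lumps together as 403: an invalid introspection token means the resource server itself is rejected by the auth server, while an invalid user token gets a well-formed `{"active": false}` reply. The token values, the "alice" user, and the helper names are constructed for this example; the settings keys and the `/o/introspect/` path match the toolkit's defaults.

```python
"""Added example: simulate a django-oauth-toolkit style introspection round trip
offline. Not the library's code; the auth server below is a stub."""
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.error import HTTPError
from urllib.parse import parse_qs
from urllib.request import Request, urlopen

# Constructed data (hypothetical): the token issued to the resource-server
# user's application, and the end-user tokens the auth server knows about.
INTROSPECTION_TOKEN = "rs-app-token"
VALID_USER_TOKENS = {"user-token-1": {"username": "alice", "scope": "read write"}}


class StubIntrospectionHandler(BaseHTTPRequestHandler):
    """Stand-in for the authorization server's /o/introspect/ view."""

    def do_POST(self):
        # The resource server must authenticate with its own token; a wrong or
        # missing one is rejected before the user's token is even looked at.
        if self.headers.get("Authorization", "") != f"Bearer {INTROSPECTION_TOKEN}":
            self.send_response(403)
            self.end_headers()
            return
        length = int(self.headers.get("Content-Length", 0))
        form = parse_qs(self.rfile.read(length).decode())
        token = form.get("token", [""])[0]
        info = VALID_USER_TOKENS.get(token)
        payload = {"active": True, **info} if info else {"active": False}
        data = json.dumps(payload).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args):  # keep the stub quiet
        pass


def start_stub_auth_server():
    """Bind the stub on a free loopback port; returns (server, introspection URL)."""
    srv = HTTPServer(("127.0.0.1", 0), StubIntrospectionHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_address[1]}/o/introspect/"


def resource_server_settings(introspection_url, introspection_token):
    """The two OAUTH2_PROVIDER keys the resource server needs for introspection."""
    return {
        "OAUTH2_PROVIDER": {
            "RESOURCE_SERVER_INTROSPECTION_URL": introspection_url,
            "RESOURCE_SERVER_AUTH_TOKEN": introspection_token,
        }
    }


def introspect(settings, user_token):
    """What the resource server does for a token absent from its local DB."""
    cfg = settings["OAUTH2_PROVIDER"]
    req = Request(
        cfg["RESOURCE_SERVER_INTROSPECTION_URL"],
        data=f"token={user_token}".encode(),
        method="POST",
        headers={
            "Authorization": f"Bearer {cfg['RESOURCE_SERVER_AUTH_TOKEN']}",
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )
    try:
        with urlopen(req, timeout=5) as resp:
            return json.load(resp)
    except HTTPError as exc:
        # 401/403 here means the resource server's own credential was refused,
        # i.e. the misconfiguration the answer describes, not a bad user token.
        return {"active": False, "error": f"introspection rejected: HTTP {exc.code}"}


def main():
    srv, url = start_stub_auth_server()
    try:
        good = resource_server_settings(url, INTROSPECTION_TOKEN)
        bad = resource_server_settings(url, "wrong-token")
        valid_user = introspect(good, "user-token-1")    # active token
        unknown_user = introspect(good, "expired-token")  # active: false
        rejected_rs = introspect(bad, "user-token-1")     # resource server refused
        return valid_user, unknown_user, rejected_rs
    finally:
        srv.shutdown()


if __name__ == "__main__":
    for result in main():
        print(result)
```

The third case is the one to look for when debugging the 403 from the answer: if the resource server's own token is wrong, expired, or lacks the scope the introspection view requires, every user token will look invalid even though the user tokens themselves are fine.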