Difference between v11 and v12: OAuthServer.config

Hi AlBer,

The OAuth Server changed quite a bit between 11.0 and 12.0, most notably because the responsibility of the login process moved from the Client to the OAuth Server. There were a number of significant changes made to support this shift.

However, I'm not sure I understand your exact question. Are you referring to the <redirectUris/> in the OAuth.config?

Chris

Hi AlBer,

The OAuth Server changed quite a bit between 11.0 and 12.0, most notably because the responsibility of the login process moved from the Client to the OAuth Server. There were a number of significant changes made to support this shift.

However, I'm not sure I understand your exact question. Are you referring to the <redirectUris/> in the OAuth.config?

Chris

Yes, that's what I talk about. I had to modify this file in order to be able to connect from an external browser.

Hi AlBer,

The purpose of these <redirectUris/> are to help protect against any malicious applications that might try to get a token through the OAuth Server. The Aras Innovator installer automatically populates these URIs based on all of the aliases that it can find by running a small script. However, this script may not find any custom aliases that you've defined so they will need to be added here manually.

The reason you didn't need to do this in 11.0 was that this concept of a redirect URI from the OAuth Server didn't exist since the Client handled the login itself.

Chris

Thank you for your answer !