Bixby Developer Center

6706

We've updated the way in which you configure OAuth authorization. You must now use an authorization.bxb file that defines the OAuth 2.0 access scope a user can give a provider:

authorization {
  user {
    oauth2-authorization-code (providerId) {
      authorize-endpoint (...)
      client-id (...)
      client-secret (...)
      scope (...) // optional
      token-endpoint (...)
      revoke-endpoint(...) // optional
      login-button-label(...) // optional
    }
  }
  global {
    oauth2-client-credentials (providerId) {
      client-id (...)
      client-secret (...)
      scope (...) // optional
      token-endpoint (...)
    }
  }
}

In the previous method, which is now deprecated, you specified OAuth authorization through your endpoints declaration (endpoints.bxb). You could specify exactly one type of authorization, which was automatically applied to all endpoints. If some of your endpoints required a different authorization, you could override it using authorization-override.

With the authorization.bxb file, you can specify one user-scoped authorization (currently oauth2-authorization-code) and one globally scoped authorization (currently oauth2-client-credentials). You no longer need to explicitly use authorization-override.

Note

You must place the authorization.bxb file within the capsule root folder, not within the resources folder.

No authorization is applied to an endpoint automatically. An endpoint that needs authorization must be tagged with authorization (User) or authorization (Global), depending on which authorization it needs:

endpoints {
  action-endpoints {
    action-endpoint (OAuthUser) {
      remote-endpoint (https://example.com) {
        method (GET)
      }
      authorization (User)
    }

    action-endpoint (OAuthGlobal) {
      remote-endpoint (https://global.example.com) {
        method (GET)
      }
      authorization (Global)
    }
    action-endpoint (OAuthNone) {
      remote-endpoint (https://internal.example.com) {
        method (GET)
      }
    }
  }
}
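
A migration check for the tagging rule above, added here as an example and not part of the original guide or of Bixby's tooling: since no authorization is applied automatically, it lists every action-endpoint in an endpoints.bxb that carries no authorization tag. The function names and the line-based brace matching are assumptions for illustration; this is not a full .bxb parser.

```python
import re
# Constructed sample, shaped like the endpoints.bxb example on this page.
SAMPLE = """\
endpoints {
  action-endpoints {
    action-endpoint (OAuthUser) {
      remote-endpoint (https://example.com) {
        method (GET)
      }
      authorization (User)
    }
    action-endpoint (OAuthGlobal) {
      remote-endpoint (https://global.example.com) {
        method (GET)
      }
      authorization (Global)
    }
    action-endpoint (OAuthNone) {
      remote-endpoint (https://internal.example.com) {
        method (GET)
      }
    }
  }
}
"""
ENDPOINT = re.compile(r"action-endpoint\s*\(([^)]*)\)\s*\{")
AUTH = re.compile(r"authorization\s*\(([^)]*)\)")

def audit_endpoints(text):
    """Map each action-endpoint name to its authorization tag (None if untagged)."""
    result, current, depth, open_depth = {}, None, 0, 0
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)//.*", "", raw).strip()  # drop comments, keep https://
        if current is None and (m := ENDPOINT.match(line)):
            current, open_depth = m.group(1).strip(), depth
            result[current] = None
        elif current is not None and depth == open_depth + 1 and (a := AUTH.match(line)):
            result[current] = a.group(1).strip()  # tag sits directly inside the endpoint
        depth += line.count("{") - line.count("}")
        if current is not None and depth <= open_depth:
            current = None  # endpoint block closed
    return result

def untagged(text):
    """Endpoints with no authorization tag; these get no OAuth applied."""
    return [name for name, tag in audit_endpoints(text).items() if tag is None]

if __name__ == "__main__":
    print("untagged endpoints:", untagged(SAMPLE))
```

Run it over a capsule's endpoints.bxb after migrating and confirm that each listed endpoint is meant to be called without authorization.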

Read more about Authorizing Access with OAuth.

Deprecation Stages (learn more)

  • Stage 1: R19O
  • Stage 2: R19O
  • End of Life: R19U