8393 questions

9873 answers


14144 members

0 votes
48 views 0 comments

Apparently, RMS currently only supports Authorization Code based grants for API access. However, emulating these OAuth flows for server-to-server applications is anything but trivial  - there are suggestions of remote controlling a headless browser with Selenium - err, maybe not.

My current workaround is to use a PAT, but this has has all sorts of nasty implications in a containerized environment. If I don't refresh the token, it will expire in a year, and I have to remember updating the container environment in time (also it's abusing the intentions of a PAT).
If I do refresh it though, the original access token becomes invalid and the refreshed token needs to be stored on a persistent volume because otherwise the app won't be able to authenticate after a restart. If it ever goes out of sync, somebody again needs to update the container environment to bootstrap the process again. I don't even want to think about about running multiple instances of the same image. None of this looks very appetising, I have to admit.

Long story short, this is why OAuth has the Client Credentials grant in the first place: https://alexbilbie.com/guide-to-oauth-2-grants/

I suppose a Resource Owner Credentials Grant would also work if a userless context is technically not possible.

Am I missing something obvious? Anybody found a better workaround than using a PAT? Anything on the Teltonika roadmap maybe?


1 Answer

0 votes

Regarding this issue of yours, I have tested it using PAT on Postman it seems to work perfectly fine. Would it be possible for you to provide screenshots and some information on what you are encountering?