8393 questions

9873 answers

15658 comments

14144 members

0 votes
48 views 0 comments
by
Hello,

Apparently, RMS currently only supports Authorization Code based grants for API access. However, emulating these OAuth flows for server-to-server applications is anything but trivial  - there are suggestions of remote controlling a headless browser with Selenium - err, maybe not.

My current workaround is to use a PAT, but this has has all sorts of nasty implications in a containerized environment. If I don't refresh the token, it will expire in a year, and I have to remember updating the container environment in time (also it's abusing the intentions of a PAT).
If I do refresh it though, the original access token becomes invalid and the refreshed token needs to be stored on a persistent volume because otherwise the app won't be able to authenticate after a restart. If it ever goes out of sync, somebody again needs to update the container environment to bootstrap the process again. I don't even want to think about about running multiple instances of the same image. None of this looks very appetising, I have to admit.

Long story short, this is why OAuth has the Client Credentials grant in the first place: https://alexbilbie.com/guide-to-oauth-2-grants/

I suppose a Resource Owner Credentials Grant would also work if a userless context is technically not possible.

Am I missing something obvious? Anybody found a better workaround than using a PAT? Anything on the Teltonika roadmap maybe?

Thanks!

1 Answer

0 votes
by
Hello,

Regarding this issue of yours, I have tested it using PAT on Postman it seems to work perfectly fine. Would it be possible for you to provide screenshots and some information on what you are encountering?

Regards,
Mellow