FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
127 views 0 comments
by anonymous
Hello,

Apparently, RMS currently only supports Authorization Code based grants for API access. However, emulating these OAuth flows for server-to-server applications is anything but trivial  - there are suggestions of remote controlling a headless browser with Selenium - err, maybe not.

My current workaround is to use a PAT, but this has has all sorts of nasty implications in a containerized environment. If I don't refresh the token, it will expire in a year, and I have to remember updating the container environment in time (also it's abusing the intentions of a PAT).
If I do refresh it though, the original access token becomes invalid and the refreshed token needs to be stored on a persistent volume because otherwise the app won't be able to authenticate after a restart. If it ever goes out of sync, somebody again needs to update the container environment to bootstrap the process again. I don't even want to think about about running multiple instances of the same image. None of this looks very appetising, I have to admit.

Long story short, this is why OAuth has the Client Credentials grant in the first place: https://alexbilbie.com/guide-to-oauth-2-grants/

I suppose a Resource Owner Credentials Grant would also work if a userless context is technically not possible.

Am I missing something obvious? Anybody found a better workaround than using a PAT? Anything on the Teltonika roadmap maybe?

Thanks!

1 Answer

0 votes
by anonymous
Hello,

Regarding this issue of yours, I have tested it using PAT on Postman it seems to work perfectly fine. Would it be possible for you to provide screenshots and some information on what you are encountering?

Regards,
Mellow