[Mifos-users] Introducing support for Oauth2 - API Breaking changes

17 views
Skip to first unread message

Vishwas Babu A J

unread,
Apr 3, 2015, 9:40:24 AM4/3/15
to mifos-d...@lists.sourceforge.net, mifos...@lists.sourceforge.net
Hello There,

As a part of our security related improvements, we were planning on introducing support for Oauth 2 in Q3, this has now been preponed to Q2 thanks to shifting priorities.

Our plan is to remove support for Basic Auth (over HTTPS) in favor of  OAuth 2 (more specifically, Resource owner password credentials grant)

The pull requests for the suggested changes are at (many thanks to Pramod !):

Platform : https://github.com/openMF/mifosx/pull/1332/files (minor issues like the newly introduced app passwords not being encrypted in the DB will be handled before the release)


Since these are API breaking changes, APP developers would have to handle the same and are now required to register their Clients (Apps) on the platform.

Please let us know if you have any feedback or concerns related to these changes. 


Note: These changes will not make it to the 15.3 (Q1) release which is due shortly


Regards,
Vishwas



Reply all
Reply to author
Forward
0 new messages