diff options
author | David Lawrence <dkl@mozilla.com> | 2015-09-24 16:47:18 +0200 |
---|---|---|
committer | David Lawrence <dkl@mozilla.com> | 2015-09-24 16:47:53 +0200 |
commit | 923afd71d4bf1c0854deae96d3af7fd6d268646e (patch) | |
tree | 883bb776040b0c8ae3b98b83efaeee0fba4561a4 /docs/en/rst/integrating | |
parent | 89e65535c55fb20c916e2ed9492aaae265f5c5de (diff) | |
download | bugzilla-923afd71d4bf1c0854deae96d3af7fd6d268646e.tar.gz bugzilla-923afd71d4bf1c0854deae96d3af7fd6d268646e.tar.xz |
Bug 1204683: Add whoami endpoint
Diffstat (limited to 'docs/en/rst/integrating')
-rw-r--r-- | docs/en/rst/integrating/auth-delegation.rst | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/docs/en/rst/integrating/auth-delegation.rst b/docs/en/rst/integrating/auth-delegation.rst index 403f01e2f..bff460e4a 100644 --- a/docs/en/rst/integrating/auth-delegation.rst +++ b/docs/en/rst/integrating/auth-delegation.rst @@ -12,9 +12,9 @@ Authentication Flow The authentication process begins by directing the user to th the Bugzilla site's auth.cgi. For the sake of this example, our application's URL is `http://app.example.org` -and the Bugzilla site is `http://bugs.example.org`. +and the Bugzilla site is `http://bugzilla.mozilla.org`. -1. Provide a link or redirect the user to `http://bugs.example.org/auth.cgi?callback=http://app.example.org/callback&description=app%description` +1. Provide a link or redirect the user to `http://bugzilla.mozilla.org/auth.cgi?callback=http://app.example.org/callback&description=app%description` 2. Assuming the user is agreeable, the following will happen: 1. Bugzilla will issue a POST request to `http://app.example.org/callback` with a the request body data being a JSON object with keys `client_api_key` and `client_api_login`. @@ -24,7 +24,7 @@ and the Bugzilla site is `http://bugs.example.org`. with additional query string parameters `client_api_login` and `callback_result`. 4. At this point, the consumer now has the api key and login information. Be sure to compare the `callback_result` to whatever result was initially sent back to Bugzilla. -3. Finally, you should check that the API key and login are valid, using the :ref:`rest_user_valid_login` REST +3. Finally, you should check that the API key and login are valid, using the :ref:`rest_user_whoami` REST resource. Your application should take measures to ensure when receiving a user at your |