Another quick update, I have added support for password grants to the Known OAuth2 server.

Logging in using a username and password is exactly the sort of thing that OAuth2 was developed to avoid, however support for the password grant is a handy thing to have.

For a start, it makes it a lot easier to use the API via a command line application, or to present a familiar UX for people using a custom Known client (e.g. a mobile app).

Having password grant support will also allow us to deprecate the built in HTTP Header authentication method. This method is simple, and works well enough, but it is far from being a standard, and so requires people to write their own libraries to use it!

Using OAuth will also let those clients make use of OpenID connect, and the future federation stuff I hope to get time to build one of these days.

Anyway, hope this is useful to you!

» Visit the project on Github...

Another really quick update…

I’ve just pushed a small but important fix to the Known OAuth2 server plugin, which means it will now properly work with third party apps.

I’m not entirely sure when I managed to break this, but anyhow, it works now!

Package, and Known core dependencies have been updated.

» Visit the project on Github...