Skip to content

OAuth2 Initialization

Support configure OAuth 2.0 authorization by setting attributes for initOAuth method.

Attribute Description
clientId Default clientId.
clientSecret Default clientSecret.
🚨 Never use this parameter in your production environment. It exposes crucial security information. This feature is intended for dev/test environments only. 🚨
realm Realm query parameter (for oauth1) added to authorizationUrl and tokenUrl.
appName Application name, displayed in authorization popup.
scopes Scope space separated string of initially selected oauth scopes, e.g. "openid profile", default is empty.
additionalQueryStringParams Additional query parameters were added to authorizationUrl and tokenUrl, default is empty.
MUST be a JSON, but could wrap string with single quote when attribute value wrapped with double quote, e.g. additionalQueryStringParams="{'test': 'hello'}", additionalQueryStringParams='{"test": "hello"}'
useBasicAuthenticationWithAccessCodeGrant Only activated for the accessCode flow. During the authorization_code request to the tokenUrl, pass the Client Password using the HTTP Basic Authentication scheme (Authorization header with Basic base64encode(client_id + client_secret)).
The default is false, setting true with any case of "true".
usePkceWithAuthorizationCodeGrant Only applies to authorizationCode flows. Proof Key for Code Exchange brings enhanced security for OAuth public clients.
The default is false, setting true with any case of "true".


<swagger-ui src="./openapi-spec/sample-oauth2.yaml"
            scopes="openid profile"
            additionalQueryStringParams="{'test': 'hello'}"

Swagger UI