Welcome to the Panopto Community

Please note: All new registrants to the Panopto Community Forum must be approved by a forum moderator or admin. As such, if you navigate to a feature that is members-only, you may receive an error page if your registration has not yet been approved. We apologize for any inconvenience and are approving new members as quickly as possible.

Authenticate / Get access token for external account with User Based Server Application

Theodor TrufferTheodor Truffer Tyro
in API

Hey there! My goal is to get an access token for an external user, with no interaction of this user. So IMO exactly what is described in the article "oauth2-for-services" (I can't post links) at 2.1.c

The problem is that I can't make it work, I always get an "invalid username or password". It works fine with an internal user, so I guess the problem must be the username/password, or the identity provider.

My setup (keys changed):

Identity Provider:

  • Instance Name: ilias.tt.local
  • Application Key: 4ppl1c4710nk3y

API Client:

  • Name: tt-local
  • Type: User Based Server Application
  • Client Id: r3stcl1entID
  • Client Secret: r3sdtcl1entS3cret
  • Allowed URLs: I configured a CORS for my application, but I think that should have no effect for this?

User:

  • Name: ilias.tt.local\root
  • Role: Admin

My Request:

POST [Panopto-Url]/Panopto/oauth2/connect/token

Headers:

  • Authorization: Basic [combined rest client id & secret]
  • Content-Type: application/x-www-form-urlencoded

Body:

  • grant_type: password
  • scope: api
  • username: ilias.tt.local\root
  • password: base64(sha265("ilias.tt.local\root|4ppl1c4710nk3y"))

My assumption

It works with a username/passwort combination of an internal user, so it must be the password or identity provider. I tried out a lot of ways to generate the password, but none seemed to work.

Do you have any idea, what could be the problem here?

Thanks,

Theo

Answers

  • Kevin BaumKevin Baum Panopto Employee

    Hi Theo,

    Just looking at what you've sent, everything appears to be correct. If this is working with internal users, then I agree with you there may be something slightly off on the full user key or the application key.

    The most common thing I've seen in cases like this is the user name or the application key not being lower case before being hashed. Have you verified that they are both lower case, and that there are no extra spaces around them?

    If you have verified that the user name and application key are both lower case already, would you be able to open a support ticket with Panopto? I may need to get some additional information on your id provider.

    Please let me know if you have any other questions.

    Thanks,

    Kevin

  • Theodor TrufferTheodor Truffer Tyro
    edited March 2021

    Hey Kevin

    Thanks for your answer! Yes, I checked for spaces and lower case.

    Okay, so how do I open a support ticket with Panopto?

    Edit: I guess I found it (https://support.panopto.com/)! I'll check in with our customer, so they create a ticket (I don't have an account myself).

    Thanks

    Theo

Sign In or Register to comment.