It's all about the answers!

Ask a question

OSLC rootservices with oauth1 vs oauth2


Jad El-khoury (111) | asked Mar 05 '20, 7:25 a.m.

It seems that the latest version of Jazz supports OpenID Connect (oauth2++) for authentication, yet the rootservices document when establishing OSLC friends is still based on oauth1.


I am trying to integrate an external (non-IBM/Jazz) application with Rational Engineering Lifecycle Manager.
I already have support for oauth2/OIDC in that application.

Does I still have establish OSLC friendships using oauth1? 
Can I not instead use oauth2 for that? If so, how should the rootservices document look like?

One answer



permanent link
John Vasta (2.6k15) | answered Mar 10 '20, 9:58 a.m.
FORUM MODERATOR / JAZZ DEVELOPER
Friend relationships are always required for app-to-app communications, no matter what the authentication protocol is. When both the source and target of a friend relationship supports OIDC, then there will be no OAuth1 consumer key or secret registered for the friend, since it isn't needed. An application indicates that it supports OIDC by returning the "<jd:jsaSsoEnabled>" property in its rootservices document with the content "true" (where "jd" is the XML namespace "http://jazz.net/xmlns/prod/jazz/discovery/1.0/". If you look at the rootservices document for any Jazz application that is configured in OIDC mode, you'll see it includes this:

<jd:jsaSsoEnabled>true</jd:jsaSsoEnabled>

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.