How to Secure API using OAuth 2.0, Can someone provide OML to refer?
Application Type
Service Studio Version
11.54.30 (Build 62899)



I'm facing an issue to secure Exposed API using OAuth 2.0, I have referred many documentation  and Forge component but i didn't get proper information, In some components there was not proper documentation to implement  OAuth 2 provider. If someone have OML of this can you please provide.

My biggest issue with both the blog and the component is that we create our own oAuth2 provider (and a simple one at that). I want to use Entra Id as the oAuth2 provider and that is, since we have bad integration with the MSAL package, a hard thing to do. 

Hi Vincent. Interesting to hear that. Why do you say it is a hard thing to use Entra as Identity Provider? Is it because of the nonce header? https://www.outsystems.com/forums/discussion/89897/jwt-oauth-token-signature-validation-with-nonce-in-header/

My article here https://medium.com/itnext/protect-outsystems-rest-apis-using-openid-connect-87a2ac7575c1 provides a step-by-step tutorial. 

Here the sample service in forge https://www.outsystems.com/forge/component-overview/13934/protect-exposed-rest-api-using-openid-connect


Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.