Uploaded image for project: 'Apache Fineract'
  1. Apache Fineract
  2. FINERACT-726

Changes to /authentication API's to pass data as part of request body

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.2.0
    • 1.4.0
    • None

    Description

      Fineract supports authentication either using Basic auth or Oauth. The initial authentication is done using the endpoints described at https://demo.openmf.org/api-docs/apiLive.htm#authentication_basicauth and https://demo.openmf.org/api-docs/apiLive.htm#authentication_oauth 

      Both rely on passing the username and password as URL query parameters.

      Ex, the endpoint for /authentication is 

      POST  : https://localhost:8443/fineract-provider/api/v1/authentication?username=mifos&password=password&tenantIdentifier=default

       

      We would want to change the same to

      POST https://localhost:8443/fineract-provider/api/v1/authentication?tenantIdentifier=default

      and pass the username and password as apart of the post body in json format.

      Ex:

      {
"username":"mifos",
"password":"password"
}

       

      After making this change, the APIdocs and integration test cases would have to be updated accordingly 

      Attachments

        Issue Links

          blocks

          Bug - A problem which impairs or prevents the functions of the product. FINERACT-677 Hide Sensitive contents in xml files and logs

          • Major - Major loss of function.
          • Closed
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. FINERACT-677 Hide Sensitive contents in xml files and logs

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. FINERACT-629 Authentication API endpoint forces username and password as URL params

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          is required by

          Improvement - An improvement or enhancement to an existing feature or task. FINERACT-629 Authentication API endpoint forces username and password as URL params

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          links to

          Web Link GitHub Pull Request #678

          Activity

            People

              vorburger Michael Vorburger
              vishwasbabu Vishwas Babu A J
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m