> > This part is already there right? or are we talking about a new >> implementation? > > > Actually in existing implementation token is generated against cookie. It > is not actually a bearer token just a session id. To generate bearer token > we have to use SAML grant type.
Just looked at the code, it seems SAML is first exchanged to a cookie and then the cookie is used. Ya, this seems wrong, we should be able to get directly via the grant type. +1 lets fix it. [1] https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/modules/saml-to-cookie.js -- With regards, *Manu*ranga Perera. phone : 071 7 70 20 50 mail : m...@wso2.com
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture