So I went ahead and created an external web service that internally calls /guacamole/api/tokens, and then redirects to /guacamole/#/token=<token>
Doesn't work. Investigation of the network traffic shows that the /guacamole/api/tokens call does not have the token in it at all (in Mike's OpenID implementation id_token is passed along this way, and I was hoping it would work the same for token). Changing the name of the parameter, so it's now redirecting to /guacamole/#/id_token=<token> also does not pass a token_id parameter to /guacamole/api/tokens, which confuses me, because I saw this behavior with the OpenID plugin. So new questions: 1) Is this a valid approach? Ie, can a Guacamole authorization token even be passed around in this manner? 2) Why is the token not being passed from /guacamole/#/token=<token> to /guacamole/api/tokens? -- Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
