Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
[Feature Request] OAuth 2 missing Identity token.
See original GitHub issue- Insomnia Version:
6.2.3 - Operating System: Mac OSX
Details
OAuth specification document provides two kinds of token, access token and identity token, The Insomnia OAuth 2 module works beautifully for most of the things as it exposes and uses the Access_token (in addition to refresh_token) which is used more often, there are a few oddballs however that need identity_token for certain calls, like AWS Cognito User pool integration with API Gateway:
To authenticate requests to API-Gateway endpoints that are protected by AWS Cognito Authorizers, the access_token will not work! but the identity_token which is included in the same response body that provides the access_token works! ( although access_token works to make calls to Cognito endpoints itself!! but anyways! )
I think it would be great if we provide this functionality as AWS is a big player and this will come handy in a lot of use-cases, especially since there aren’t any other alternative clients, currently, supporting this ( Postman does not have this feature either ), this will be very useful for developers/engineers working in a serverless stack!
Thanks,
- mim
Issue Analytics
- State:
- Created 4 years ago
- Reactions:9
- Comments:16 (2 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
So the least intrusive solution I can think of is to add a checkbox in the UI that lets the user choose
identity_tokeninstead ofaccess_tokenwhen it’s available and desired. ( like in the screen-shot below )I have implemented the UI to show the token if it exists in the response, we need to let the user choose which token to use though to make their calls, or we can add that in a future PR?
I still also need to check and add tests if needed
@gschier does that sound good?
Hey folks, sorry about the lack of communication! 🤗 I’ll re-open this issue because it was closed by stale bot and without good reason. @mim-Armand / @alanwill please feel free to raise a PR and we can work towards getting this into the project.
Happy to help in case you need any guidance with UI and testing (where possible).