https://kotlinlang.org logo
#ktor
Title
# ktor
b

bitkid

03/09/2020, 3:06 PM
Hi! I have a question regarding oauth2. I have one endpoint which uses ktors oauth feature and i got it working with the microsoft open ID thing. i get back an auth token and a refresh token. How should i protect all my other endpoints when i already have valid tokens? just with the JWT auth feature where i always pass the obtained auth token? it seems like i can't pass the token (as Bearer) to the auth endpoint, it always tries to redirect me to the auth provider.
also, does ktor handle refreshing of the auth token using the refresh token?
2 Views