-
Notifications
You must be signed in to change notification settings - Fork 535
Description
I have several DV users authenticated using an OAuth 2.0 provider.
They want to retrieve, via API, un-published datasets, but it would be necessary that they only have access to documents as per the DV access controls.
Right now, the only way to do this is to have them go into the DV UI, log in (using OAuth), fetch their token, and do the API requests using this token. Of course, they would have to do this everytime the token expires, and would have to keep the token themselves, effectively negating the use of OAuth.
Is there a way for them to programatically get their API token using their OAuth credentials?
One way to achieve this would be to have OAuth 2.0 tokens be used as DV tokens, and then use the standard bearer token header that APIs using OAuth2.0 use.
I see in the dataverse-android repo that there was an idea to do this at some point, but the issue was closed without this functionality. Or am I missing something?
Thanks,
V.