GET https://auth.doximity.com/oauth/authorize?
client_id=YOUR_APP_ID
&response_type=code
&redirect_uri=https://yourapp.com/callback
&scope=basic%20colleagues
&type=verify
&state=SOME_ARBITRARY_BUT_UNIQUE_STRING
From the limited info I can get from their techs (“the api is not supported”), it seems that everything (?) is working except that the request Discourse is passing doesn’t include the scope. What I need, in terms of their example request above, is scope=basic%20email.
I’ve tried putting scope=basic email and scope=basic%20email and just scope=basic (which I think should at least give permissions to the ID, but is’ failing like this:
Started GET "/auth/oauth2_basic" for 71.9.18.118 at 2017-11-21 21:17:25 +0000
(oauth2_basic) Setup endpoint detected, running now.
(oauth2_basic) Request phase initiated.
Started GET "/auth/oauth2_basic/callback?code=4babb01d3065497a35766d015597037a&state=d63533cc57c7d8e9a3e73e4effcba96e532062715d3adfe8" for 71.9.18.118 at 2017-11-21 21:17:27 +0000
(oauth2_basic) Setup endpoint detected, running now.
(oauth2_basic) Callback phase initiated.
Processing by Users::OmniauthCallbacksController#complete as HTML
Parameters: {"code"=>"4babb01d3065497a35766d015597037a", "state"=>"d63533cc57c7d8e9a3e73e4effcba96e532062715d3adfe8", "provider"=>"oauth2_basic"}
OAuth2 Debugging: after_authenticate response:
creds: {"token"=>"9LoXFaen2N5TUM5UrGp4Em-MncARzCZab_ROrp6-hEd0DxuFK7MQRbxlwiPPkUJ2Aela1-aPXcRHn-07FWmW3g==", "expires_at"=>1516483047, "expires"=>true}
info: {"id"=>nil, "name"=>nil}
extra: {}
OAuth2 Debugging: user_json_url: https://www.doximity.com/api/v1/users/current
Completed 500 Internal Server Error in 84ms (ActiveRecord: 5.7ms)
OpenURI::HTTPError (401 Unauthorized)
/usr/local/lib/ruby/2.4.0/open-uri.rb:363:in `open_http'
Thanks, Robin. That’s at least part of what I needed to know.
Yes, I was thinking that I could add that scope in authorize_options, but I’m inferring that’s not the case. Can you throw me a couple lines of code and I’ll see if I can fork it and make it work for them?
This is a group of physicians working to solve problems in Puerto Rico. Actually, they probably didn’t notice that they might qualify for your non-profit rate, which might make more sense for them than me (as I recall, they’d rather go with you in the long term anyway). At the budget they’ve given me I’m not keen on developing a custom plugin, but I guess it’s just a line or two and you can give me a hint, I can get them started with a proof of concept for their organization.
It looks like you can just use an oauth2 authorize url like https://auth.doximity.com/oauth/authorize?scope=basic%20colleagues – at least I’ve been able to use this approach to authenticate with GitLab
(I’ve been unable to observe any effect of the oauth2 authorize options setting, so I left it at the default.)