couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Higham <>
Subject Re: Authentication
Date Thu, 10 Jun 2010 14:17:38 GMT
The best I found was but that's
not much to go on.

I've therefore spend a little time trying to understand what and how it
works. The oauth.ini file contains all the keys, tokens and secrets. Within
that there are three sections

defines the oauth_consumer key/secret pairs (client credentials) for any
oauth clients you want to allow to connect

Maps oauth access tokens to CouchDB usernames

Maps oauth access tokens to their respective secret.

Luckily in 0.11 all of these can be changed and set via the _config api. Try
from Futon to find the exact calls

If the client has its client credentials and a user's access token and
secret then using standard oauth libraries any request can be oauth signed
and authenticated (as the example in the wiki demonstrates)

There are two _oauth special URLs _oauth/request_token and _oauth/authorize
but I remain to be convinced that these work. I have only got calls
to _oauth/request_token to return a valid response when signing the request
with the client and access keys/secrets and the test cases do the same.

There is nothing in place (or at least I haven't found it) to assist in key,
token or secret creation or to support the full three-legged authentication
where a user is required to authorise a client to authenticate on their


On 10 June 2010 14:18, Markus Wolf <> wrote:

> Hi,
> is there some documentation on how to configure the oauth in couchdb?
> We would like to create some kind of single sign on for our app which
> uses couchdb.
> Regards
> Markus
> --
> Markus Wolf
> Entwicklung
> FaceValue Media GmbH
> Max-Brauer-Allee 34
> 22765 Hamburg
> Fon: +49 (0) 40 1888899-73
> Fax: +49 (0) 40 1888899-873
> E-Mail:
> - Europe's #1 rating site
> Sitz der Gesellschaft: Breslauer Strasse 39
> 65830 Kriftel
> Amtsgericht Frankfurt/M HRB 54159, UST-ID: DE 223646709
> Geschäftsführung: Frank Böhmer

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message