Hi Team,
we have enabled OIDC in SYNC-GW level and we would like to disable the BASIC AUTH from replicator side. Is there a way to do this?
From mobile side, they have to use only ID_TOKEN for authentication, should not use BASIC AUTH.
Thanks.
Not sure I follow the use case - Since you are developing the app that is opening the replication, if you don’t want to use basic auth, they don’t set that in the authenticator during replicator config
I understand it but my question is even if we have OIDC configuration at sync-gateway level why still basic auth is working from replicator? is there a way to block the basic auth?
Thanks.
Still unclear on what you meant “by working from replicator”. Can you explain what you attempted( sequence of steps including the SGW config and replicator config on CBL side), what you expected to see and what you observed
I don’t know how to explain, all i expecting is when OIDC is enabled , mobile replicator should not allowed to use basic authentication.
Cookie cookie = OpenIDConnectHelper.createSessionCookie(tokenID);
replConfig.setAuthenticator(new SessionAuthenticator(cookie.getValue(), StringConstants.SG_COOKIE_NAME)); // This works fine if i set ID_TOKEN
replConfig.setAuthenticator(new BasicAuthenticator(“XXXXX”, “XXXXX”)); //This also works - i don’t want this authentication to work - expectation - sync-gw has to throw basic authentication is not allowed, something like that.
Is that possible?
Thanks.