I have a Spring MVC web application that I am trying to authorize to post to our company Yammer feed under a generic account, but I am having trouble figuring out how to automatically authenticate this generic user and create a session with the Yammer API. As far as I can tell from reading-up on OAuth2 and Spring Social's mechanism for establishing connections to service providers, manual user authentication through the service provider's login page is always required to get an access token. Is it possible to automatically acquire a token, given a user's credentials?
1 Answers
0
votes
This is how OAuth works for the Yammer OAuth flow. 3rd parties should always present the user with the authorization dialog and have the user allow access. When the user allows access then the OAuth flow can be completed and you'll have an OAuth token.
If you are a Yammer customer you might be able to make use of the impersonation feature to acquire an OAuth token on behalf of a user. Users will still get an email notifying them that an app has been activated for their account. This requires verified administrator access to Yammer which a 3rd party app will typically not have. Impersonation will also prevent challenges for a 3rd party who is looking to get into the Yammer App Directory.
