We currently use the IBM Bluemix Single Sign On service with our hosted NodeJS application and it is working well. We now want to use that same SSO with a Single Page Application (SPA) built in AngularJS.
When I use either oauth-ng
or afOAuth2
they want to use the response_type=token_id
for an implicit flow, but when I use that with Bluemix I get this error:
error=unsupported_response_type
error_description=CWOAU0027E: The response_type parameter was invalid: token_id
However when I set the response_type=code
the SSO service redirects but none of the AngularJS packages know how to handle the response. I am guessing that is because they want to use the implicit flow and Bluemix wants to use the authorization code flow.
My question is can I use the Bluemix SSO service with a client that is not NodeJS/WLP running in Bluemix and does it support the Implicit Flow?