Working with the web GUI (Wicket)

The web GUI is protected by OAuth 2 log in. Run the Docker Compose containers with docker compose up to start the authorization server to be able to log in.

If you run SciPro in development mode (DEV profile) you will be able to log in as the "default" OAuth 2 user populated in the upper form. If you have other data in your database you will have to use the lower form and specify a valid username in the principal field.

Working with the API

The API is protected by OAuth 2 acting as a resource server verifying tokens using token introspection.

When developing it uses a locally running instance of an authorization server that is run inside Docker. It can be started with docker compose -f docker-compose.yml up. Since there is no frontend to interact with the authorization server there's a helper script in GetToken.java that can be run directly with java GetToken.java to run through the authorization flow and get an access token.

Once the token has been obtained go to the Swagger UI to interact with the API. Click the "Authorize" button in the top right and paste the access token to log in.