Virtuoso Open-Source Wiki
Virtuoso Open-Source, OpenLink Data Spaces, and OpenLink Ajax Toolkit
Advanced Search
Location: / Dashboard / Main / VOSIndex / VirtSPARQLEndpointProtection / VirtOAuthSPARQL

Securing your SPARQL Endpoint via OAuth

SPARQL endpoints are easy for random visitors to accidentally overload. Virtuoso allows you to secure your SPARQL endpoint against such abuses in various ways, including OAuth.

Sample scenario

The following sample scenario demonstrates the OAuth keys and Protected SPARQL Endpoint features of the Virtuoso Auth UI:

  1. Download and install the conductor_dav.vad and ods_framework_dav.vad (commercial) or ods_framework_dav.vad (open source) packages.
  2. Go to http://<cname>:<port>/conductor, where <cname>:<port> are replaced by your local server values.
  3. Log in as user "dba" or another user with DBA privileges
  4. Go to System Admin-> User Accounts:

  5. Click "Create New Account":

  6. In the presented form enter respectively:
    • Account name, for ex:demo1; enter password and then confirm it;
    • User type: SQL/ODBC and WebDAV
    • Account role: SPARQL_UPDATE

  7. Click "Save".
  8. The created user should be shown in the list of registered users:

  9. Go to http://<cname>:<port>/oauth/, where <cname>:<port> are replaced by your local server values.

  10. Click the "OAuth Keys" link:

  11. Log in as user demo1:

  12. The OAuth application registration form will be shown.

  13. Select SPARQL from the "Application name" list, and click the "Generate Keys" button.
  14. A Consumer Key for SPARQL will be generated:


  15. Click the "Back to main menu" link.

  16. Click the "Protected SPARQL Endpoint" link.
  17. The OpenLink Virtuoso SPARQL Query form will be shown:

  18. Enter a simple query, for ex:

    SELECT * WHERE { ?s ?p ?o } LIMIT 10

  19. For "OAuth token", enter the Consumer Key value which was generated above, i.e.,


  20. Click the "Run Query" button.
  21. In the OAuth Authorization Service form, enter the password for user demo1 and click the "Login" button.

  22. Next you should authorize the request:

  23. On successful authentication and authorization, the query results should be shown:


Powered By Virtuoso