/// tip

By the spec, you should return a JSON with an `access_token` and a `token_type`, the same as in this example.

This is something that you have to do yourself in your code, and make sure you use those JSON keys.

It's almost the only thing that you have to remember to do correctly yourself, to be compliant with the specifications.

For the rest, **FastAPI** handles it for you.

///

## Update the dependencies

It can be used by the frontend team (that can also be yourself).

It can be used by third party applications and systems.

And it can also be used by yourself, to debug, check and test the same application.

## The `password` flow

Now let's go back a bit and understand what is all that.

But it's possible to customize it, you can set a specific CDN, or serve the files yourself.

## Custom CDN for JavaScript and CSS

Let's say that you want to use a different <abbr title="Content Delivery Network">CDN</abbr>, for example you want to use `https://unpkg.com/`.

[fess.codelibs.org](https://fess.codelibs.org/)

## Issues/Questions

[discuss.codelibs.org](https://discuss.codelibs.org/c/FessEN/)

## Getting Started

There are 2 ways to try Fess. The first is to download and install yourself. The second is to use [Docker](https://www.docker.com/products/docker-engine).

### Download and Install/Run

You could use these tools and ideas if you are setting up **your own deployment system** while taking care of the other deployment concepts yourself.

This example doesn't implement the callback itself (that could be just a line of code), only the documentation part.

/// tip

The actual callback is just an HTTP request.

When implementing the callback yourself, you could use something like <a href="https://www.python-httpx.org" class="external-link" target="_blank">HTTPX</a> or <a href="https://requests.readthedocs.io/" class="external-link" target="_blank">Requests</a>.

///

            To properly test this, you need to remove existing toolchains:
            rm -rf ~/.m2/jdks/ ~/.m2/toolchains.xml
            (But don't run that if you have put something into ~/.m2/toolchains.xml yourself.)
            -->
            <execution>
              <id>download-11</id>
              <goals>
                <goal>toolchain</goal>
              </goals>
              <configuration>

            To properly test this, you need to remove existing toolchains:
            rm -rf ~/.m2/jdks/ ~/.m2/toolchains.xml
            (But don't run that if you have put something into ~/.m2/toolchains.xml yourself.)
            -->
            <execution>
              <id>download-11</id>
              <goals>
                <goal>toolchain</goal>
              </goals>
              <configuration>

Another option is that you could use a **cloud service** that does more of the work including setting up HTTPS. It could have some restrictions or charge you more, etc. But in that case, you wouldn't have to set up a TLS Termination Proxy yourself.

I'll show you some concrete examples in the next chapters.

---

Then the next concepts to consider are all about the program running your actual API (e.g. Uvicorn).

## Program and Process

	}
	if ok {
		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, errIAMActionNotAllowed), r.URL)
		return
	}

	// When the user is root credential you are not allowed to
	// remove the root user. Also you cannot delete yourself.
	if accessKey == globalActiveCred.AccessKey || accessKey == cred.AccessKey {
		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, errIAMActionNotAllowed), r.URL)
		return
	}