The resource server manages access to a protected resource, allowing access based on access tokens. Client ApplicationĪ client application is an application which accesses protected resources on the behalf of the resource owner. It can be a person (usually the end-user) but can also be a machine. The resource owner is an entity which can grant a client application a scoped access to a resource. AuthorizationĪuthorization is the process of giving a subject permissions to access resources in a certain way. OAuth is a specification for authorization and is not an authentication protocol but is used as a basis for authentication protocols like OpenID Connect. Or in other words authentication answers the question “who one is”. associating credentials with an identity. This basically involves checking whether a user exists and determining who this user is i.e. It also provides basic profile information.O AuthenticationĪuthentication is the process of identifying an individual e.g. Client applications can use it to verify the identity of a subject (usually a user) based on the authentication performed by an authorization Server. OpenID Connect (OIDC) is an authentication layer (i.e. Put simply, it’s a secure authorization protocols used to grant applications access to protected resources without exposing credentials. OAuth (Open Authorization) is an open standard for API access delegation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |