Our application uses Identity service for creating a user and login. For the Identity service, we use OAuth 2.0 but there is no specific documentation how we are going to use it.
OAuth 2.0
Authorization protocol, X Authentication Protocol. -> Authorization code may be returned.
Authorization server issue a refresh token with the access token.
Access data from external Resource.
The OAuth 2.0 Spec has four roles: Authorization server, resource owner, Client, Resource server
What is the Resource Owner?
Your application's end user that grants permission to access the resource server with an access token.
What is the Resource Server?
The resource server handles authenticated requests after the application has obtained an access token.
User Agent?
Mobile Phone, Native application, TV Etc . something that runs in client.
Verifying scope.
The resource server needs to know the list of scopes that are associated with the access token.
Authorization server
Endpoint should be AUthorization and Token
Authorization Code
The authorization endpoint returns only the authorization code.
It is used for obtaining an ID token and optional OAuth access token from the token endpoint.
Our application uses Identity service for creating a user and login. For the Identity service, we use OAuth 2.0 but there is no specific documentation how we are going to use it.
OAuth 2.0
What is the Resource Owner?
Your application's end user that grants permission to access the resource server with an access token.
What is the Resource Server?
The resource server handles authenticated requests after the application has obtained an access token.
User Agent?
Mobile Phone, Native application, TV Etc . something that runs in client.
Verifying scope.
The resource server needs to know the list of scopes that are associated with the access token.
Authorization server
Endpoint should be AUthorization and Token
Authorization Code
The authorization endpoint returns only the authorization code. It is used for obtaining an ID token and optional OAuth access token from the token endpoint.