OAuth 2.0 and OpenID Connect are industry-standard protocols for authenticating users and for authorizing third-party applications to access Web APIs, either on behalf of a resource owner who approves that access or directly.

In OAuth 2.0, the entities involved in this exchange include the following:

  • Resource Owner – This is the user who owns the resource or data, such as their profile information, that is being requested by the application. 
  • Client Application – This is the application that is requesting the user's data. To call EmpowerID APIs, this application must be registered in EmpowerID.
  • Authorization Server – This is the identity store that knows about the resource owner and can verify their identity and issue tokens to authorize access to the requested resources.
  • Access Token – This is the key issued by the Authorization Server to allow the client application to access requested resources from the resource server.
  • Resource Server – This is the API endpoint or server where the user's resources live.


A basic representation of these entities in an OAuth 2.0 flow is shown below:




Get started with OAuth 2.0 Flows



OpenID Connect

OAuth 2.0 Authorization Code Grant

OAuth 2.0 JWT (JSON Web Token) Bearer Grant

OAuth 2.0 Client Credential Grant





OAuth Client Certificate Grant

OAuth 2.0 Refresh Token Grant

OAuth 2.0 Implicit Grant

OAuth 2.0 RP-Initiated Logout





UserInfo Endpoint

Token Introspection Endpoint

Token Revoke Endpoint

Token Exchange Endpoint