This chapter presents an overview of the AS-centric implementation of OAuth 2.0 and OIDC in Airlock IAM.
Architecture of the AS-centric authorization server
The following picture shows the fundamental concept of the new implementation of the OAuth 2.0 and OIDC Authorization Server.
The architectural design of the AS-centric AS implementation shown above leads to the following characteristics:
- One instance of Airlock IAM can support an unlimited number of authorization servers
- Every authorization server is configured separately in Airlock IAM
- Each authorization server can support an unlimited number of clients
- Clients can be configured statically within the authorization server configuration
- Clients can be registered dynamically through the DCR (Dynamic Client Registration) protocol
- Each client must have a unique client-id per authorization server
Further information and links
- See Conceptual overview of OAuth 2.0/OIDC for generic information about OAuth 2.0 and OIDC.