Use Case Scenario
This scenario is rather complex since it requires different parts of the authorization server to be configured correctly.
In the end, it will support the following process:
- The client starts an authorization code flow to obtain access and refresh tokens.
- The client obtains an SSO ticket.
- The client starts an authorization code flow as follows:
  - prompt set to login for forced re-authentication.
  - acr_values set to strong-acr to force strong authentication.
  - SSO ticket to restore the session and skip username/password verification.
- The user will provide a 2nd factor to complete the authentication.
- The client will complete the authorization code flow.
The important properties of this flow are:
- It uses only the authorization code flow.
- For authentication, it uses the Loginapp UI.
- It can force re-authentication with a 2nd factor, regardless of the user's authentication.