URL for OAuth 2.0 grants and OIDC flows
The authors of the OAuth 2.0 and OIDC specifications designed a system that allows users to authenticate securely without entering their authentication credentials in the client application. Client applications receive bearer tokens via the back channel after successful authentication and consent of the user (resource owner). To achieve this goal, the authorization code grant/flow is intended to be used with a browser that renders the HTML for a human user.
Airlock IAM implements the authorization code grant/flow behind a single endpoint. The IAM configuration and the parameters provided by the initial request define which grant or flow is used.
Grant and Flows | Type | URL | Authentication | Comment |
---|---|---|---|---|
Authorization Code Grant & Flow | OAuth 2.0 | | none | This is a public endpoint to start an authorization workflow. No existing authentication is required. For OIDC the client must add the scope |
Session Management 1.0 | OIDC | | none | URL of the OP iframe that supports cross-origin communications for session state information with the RP Client. |
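Because one public endpoint serves both the OAuth 2.0 grant and the OIDC flow, the request parameters are what a reviewer or log check has to look at. The following is an added example, not Airlock IAM code: it classifies an authorization request the way the standards do (OpenID Connect Core marks an OIDC request with the `openid` scope value; that Airlock IAM selects the flow the same way is an assumption) and reports missing protections. The endpoint URL, client ID and parameter values are constructed placeholders.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

# Placeholder: the real endpoint URL is not given on this page.
AUTHZ_ENDPOINT = "https://iam.example.test/authorization-endpoint-placeholder"

OIDC_FLOW = "OIDC authorization code flow"
OAUTH_GRANT = "OAuth 2.0 authorization code grant"


def classify_authorization_request(url):
    """Return (flow, problems) for an authorization request URL."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    problems = []

    # RFC 6749 section 3.1: parameters must not be included more than once.
    for name, values in sorted(params.items()):
        if len(values) > 1:
            problems.append(f"duplicate parameter: {name}")

    def first(name):
        return params.get(name, [""])[0]

    if first("response_type") != "code":
        problems.append("response_type is not 'code'")
    if not first("client_id"):
        problems.append("client_id missing")
    if not first("state"):
        # Without state the client cannot bind the callback to this request.
        problems.append("state missing")

    # Scope is a space-delimited list; 'openid' marks an OIDC request.
    flow = OIDC_FLOW if "openid" in first("scope").split() else OAUTH_GRANT
    if flow == OIDC_FLOW and not first("redirect_uri"):
        problems.append("redirect_uri missing (required for OIDC)")
    return flow, problems


def build_request(params):
    """Build a constructed sample request against the placeholder endpoint."""
    return AUTHZ_ENDPOINT + "?" + urlencode(params)


if __name__ == "__main__":
    sample = build_request({
        "response_type": "code", "client_id": "demo-client",
        "redirect_uri": "https://rp.example.test/cb",
        "scope": "openid profile", "state": "constructed-state-123",
    })
    print(classify_authorization_request(sample))
```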