Slide 26
User
Client App (browser, mobile app, app server)
Auth Service
Authorization & Identity Server
Resource Server (API)
authenticate
click login with XXX ? state=987 & redirect_uri=Auth Service & client_id=123 & scope=email & response_type=code
enter credentials
verify credentials
redirect to redirect_uri ? code=abc & state=987
get_token ? client_id=123 & code=abc (authorization = base64(client_id:client-secret))
return id, access & refresh tokens
securely store tokens
access API
get access token
Invoke API (authorization: access_token)
(optional) refresh tokens
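
The client side of the authenticate steps above, as an added example that is not part of the original slide: it issues a random state, rejects any callback whose state does not match, and builds the Basic-authenticated token request. The endpoint URLs and function names are hypothetical; client_id 123 and the secret are the slide's sample values.

```python
import base64
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Hypothetical endpoints plus the slide's sample client values (constructed).
AUTHORIZE_ENDPOINT = "https://idp.example/authorize"
REDIRECT_URI = "https://auth.example/callback"
CLIENT_ID, CLIENT_SECRET = "123", "client-secret"


def build_authorization_url(scope="email"):
    """Login click: redirect the user with a fresh, unguessable state."""
    state = secrets.token_urlsafe(32)  # the slide's 987 stands in for this
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": scope,
        "state": state,
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}", state


def extract_code(callback_url, expected_state):
    """Callback: accept the code only if it echoes the state we issued."""
    params = parse_qs(urlparse(callback_url).query)
    returned = params.get("state", [""])[0]
    # Constant-time comparison on bytes; an empty expected state never matches.
    if not expected_state or not hmac.compare_digest(
            returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback not started by this session")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("callback must carry exactly one code")
    return codes[0]


def build_token_request(code):
    """get_token: exchange the code, authenticating the client with Basic."""
    basic = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
    headers = {"Authorization": f"Basic {basic}",
               "Content-Type": "application/x-www-form-urlencoded"}
    # grant_type and redirect_uri follow RFC 6749 section 4.1.3, not the slide.
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": REDIRECT_URI})
    return headers, body
```

The state value has to be kept in the user's session between the redirect and the callback so that extract_code compares against the value issued for that session.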