Sep 12, 2018

[oauth2] read up for oauth2

Reference/Excerpts:
https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2

OAuth Roles

OAuth defines four roles:

Resource Owner:
  • The resource owner is the user who authorizes an application to access their account. The application's access to the user's account is limited to the "scope" of the authorization granted (e.g. read or write access).

Client:
  • The client is the application that wants to access the user's account. Before it may do so, it must be authorized by the user, and the authorization must be validated by the API.

Resource Server:
  • The resource server hosts the protected user accounts.

Authorization Server:
  • The authorization server verifies the identity of the user then issues access tokens to the application.
  • From an application developer's point of view, a service's API fulfills both the resource and authorization server roles.

For applications:

  1. Application Registration
  2. Receive 'client credentials'
    1. Client identifier
      The Client ID is a publicly exposed string that is used by the service API to identify the application, and is also used to build authorization URLs that are presented to users.
    2. Client secret
      The Client Secret is used to authenticate the identity of the application to the service API when the application requests to access a user's account, and must be kept private between the application and the API.
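The distinction between the two client credentials above is easiest to see in code. The following is an added example (not from this post or the DigitalOcean tutorial): it builds the authorization URL that is shown to the user with only the public Client ID, and builds the separate server-to-server token request that is the only place the Client Secret belongs. The endpoint URLs and the credential values are constructed placeholders; the `state` parameter, which ties the callback back to the request that started it, is part of RFC 6749 and is not mentioned in the post.

```python
"""Added example (not from the original post): which OAuth 2.0 client credential
goes where. Endpoint URLs and credential values below are constructed placeholders
standing in for what the service issues at application registration."""
from urllib.parse import urlencode, urlparse, parse_qs
import secrets

# Constructed placeholders, not a real service.
AUTHORIZE_ENDPOINT = "https://api.example.com/oauth/authorize"
TOKEN_ENDPOINT = "https://api.example.com/oauth/token"
CLIENT_ID = "example-client-id"          # public: appears in browser-facing URLs
CLIENT_SECRET = "example-client-secret"  # private: server side only, never in a URL


def new_state():
    """Unguessable per-request value; the callback must echo it back unchanged."""
    return secrets.token_urlsafe(16)


def build_authorization_url(client_id, redirect_uri, scope, state):
    """URL the user is sent to. Only the public client_id is included here,
    and 'scope' limits what the user is asked to grant (e.g. read, write)."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": " ".join(scope),
        "state": state,
    }
    return f"{AUTHORIZE_ENDPOINT}?{urlencode(params)}"


def build_token_request(code, redirect_uri, client_id, client_secret):
    """Form body for the back-channel POST to TOKEN_ENDPOINT, sent from the
    application's server to the API. This is the only step that uses the secret."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "client_secret": client_secret,
    }


def url_leaks_secret(url, client_secret):
    """Review check: the client secret must never appear in a browser-facing URL."""
    query = parse_qs(urlparse(url).query)
    return any(client_secret in values for values in query.values())


def callback_state_matches(expected_state, callback_url):
    """Check on the redirect back to the application: reject the callback unless
    the 'state' it carries is the one this application generated."""
    query = parse_qs(urlparse(callback_url).query)
    return query.get("state") == [expected_state]


if __name__ == "__main__":
    state = new_state()
    url = build_authorization_url(CLIENT_ID, "https://app.example.net/cb", ["read", "write"], state)
    print("send the user to:", url)
    print("secret in URL?", url_leaks_secret(url, CLIENT_SECRET))
    print("token request body:", build_token_request("constructed-code", "https://app.example.net/cb", CLIENT_ID, CLIENT_SECRET))
```

The point of `url_leaks_secret` is a check worth running on any URL an application constructs: the Client ID is expected in the authorization URL, the Client Secret never is.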

