Roles Clients and Tokens
Roles: Client, Authorization Server, Resource Server
2 types of clients: Confidential and Public
2 token types
Identifier Type Token: The resource server needs to further query from auth server's DB about this token, re what user it is.
Self-Contained Token (e.g. JWT)
The coded token be like:
Content
OpenID Connect (OIDC)
OpenID Connect is an additional layer which adds idenity information about the current authenticated user. It makes the authorization server an Identiy Provider.
Here is a list of extra ID data to the access token:
Top comments (0)