Identification, Authentication and Authorization

Applied Cryptography Robust Software Quantum Safety Machine Learning Applied to Security Analysis and Exploration of Vulnerabilities Computer Systems Forensic Analysis Reverse Engineering Identification, Authentication and Authorization Secure Execution Environments Direito da Organização e da Segurança

Identification, Authentication and Authorization
Access Control Models
OAuth 2.0 Authorization Framework
Linux Security Mechanisms
Authentication Protocols
PAM (Pluggable Authentication Modules)
FIDO and FIDO2 framework
Authentication with Trusted Third Parties / KDCs
Identity Management
Anonymity and Privacy

Powered by GitBook

On this page

Authorization endpoint
Token endpoint
Redirect endpoint

Communication endpoints

PreviousRoles (RFC 6749)NextApplication (client)

Last updated 6 months ago

Authorization endpoint

Service provided by the OAuth server.

Authenticates the resource owner (the user).
Asks for the delegation of access rights to its protected resources to the client.
Send an authorization grant to the redirection endpoint.

Token endpoint

Service provided by the OAuth server.

Produces access tokens given an authorization grant.
It can also produce refresh tokens.
Refresh tokens can be used to get new tokens.
- With an authorization grant.

Client authentication.

ClientID + ClientSecret + HTTP basic authentication.

Redirect endpoint

Service provided by the client.

It collects the authorization grant provided by the OAuth server.
It should be called by the OAuth server using an HTTP redirect.