立即与支持人员聊天
与支持团队交流

我们当前正在进行网站维护,需要登录的任何功能都暂时不可用,如果您有需要立即获得帮助的问题,。请与技术支持部门联系.

Cloud Access Manager 8.1 - How To Develop OpenID Connect Apps

confidential

Server-based applications (typically web applications) are capable of maintaining the confidentiality of secret information. Applications which run in this environment should be configured as confidential. Cloud Access Manager does authenticate confidential clients. When you configure your application as a confidential client, you must use the Authorization Code flow; Cloud Access Manager will return an error if an attempt is made to invoke Implicit flow from a confidential client.

What is OpenID® Connect?

OpenID Connect is a standard which defines how the identity of an end-user can be verified, and how claims about a user can be obtained. It is an extension to the OAuth v2.0 protocol.
OpenID Connect deals with scenarios where a user is authenticated using a browser (for example the authorization code and implicit code flows of the OAuth v2.0 specification). Clients signal to the authorization server that they wish to perform OpenID Connect authentication by setting the scope in the initial authorization request to openid.
In OpenID Connect, the client is referred to as the Relying Party (RP) and the Authorization Server is known as the OpenID Provider (OP). The core specification for OpenID Connect can be found online at http://openid.net/specs/openid-connect-core-1_0.html
Figure 3. Conceptual view of OpenID® Connect

OpenID® Connect ID Token

As a result of a successful authentication request, the OpenID Provider returns an ID Token in the form of a JSON Web Token, the specification for the JSON Web Token format can be found online at https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32. The ID Token contains claims about the authentication of an end-user as follows:

iss

Issuer. A URL that identifies the OP.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级