Tohuwabohu excorcism

User Tools

Site Tools

Trace: mysql
security:auth0

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
security:auth0 [2019/01/09 06:07] skipidarsecurity:auth0 [2023/11/01 07:13] (current) – ↷ Page moved from business_process_management:camunda:security:auth0 to security:auth0 skipidar
Line 75: Line 75:
 https://auth0.com/docs/protocols/oauth2#authorization-grant-types https://auth0.com/docs/protocols/oauth2#authorization-grant-types
  
-  * **Authorization Code**: used by Web Apps executing on a server. This is also used by mobile appsusing the Proof Key for Code Exchange (PKCEtechnique. +|**Authorization Code** (Regular Web App Login Flow)|Regular Web Apps are here the web apps, having client/server components. Used by Web Apps executing on a server too, not only in browser\\ \\  The end user owns the resource. Here the authorization token is stored on the serverbypassing the users browser. \\ \\ **The authorization code + clientID + Client Secret (client is here the backend alias server) are used for authentication. They are exchanged for the access (bearertoken. \\ Everything happens on the backend side here.**| 
-  * **Implicit**used by JavaScript-centric apps (Single Page Applications) executing on the user's browser. +|**Implicit** (Single-Page Login Flow) |used by JavaScript-centric apps (Single Page Applications) executing on the user's browser. The end user owns the resource. **The access (bearer) token is used for authentication, stored in the browser.** | 
-  * **Resource Owner Password Credentials**: used by trusted apps. +|**Resource Owner Password Credentials**| Used by trusted apps. The end user still owns the resource. **End users username/password in plain text are used for authentication.**| 
-  * **Client Credentials**used for machine to machine communication.+|**Client Credentials** (Machine to machine)|used for machine to machine communication, when the client (like cron job) owns is the resource**The ClientID / Client Secret are used for authentication.** | 
  
  
Line 109: Line 110:
 The Auth0 Application - has a <color /#22b14c>Client ID</color> The Auth0 Application - has a <color /#22b14c>Client ID</color>
  
 +
 +===== Auth0 API =====
 +Its just the way of Auth0 to maintain the **audience** https://curity.io/resources/architect/claims/scopes-vs-claims/
 +and the expiration of tokens, given to reach out for the audience.
  
  
Line 251: Line 256:
  
 </sxh> </sxh>
 +
 +
 +
 +The Demo application which is 
 +  * using Auth0 authentication
 +  * accessing AWS services
 +
 +is hosted here https://github.com/skipidar/awsViaAuth0.npm
 +
 +
security/auth0.1547014067.txt.gz · Last modified: (external edit)