https://wiki.alf.digital/ 2026-04-23T13:43:08+00:00 https://wiki.alf.digital/ https://wiki.alf.digital/lib/exe/fetch.php?media=wiki:dokuwiki.svg text/html 2023-11-01T07:13:10+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.alf.digital/doku.php?id=security:auth0&rev=1698822790&do=diff Auth0 Integrating of Cognito with Auth0 <https://auth0.com/docs/integrations/integrating-auth0-amazon-cognito-mobile-apps> Secure AWS API Gateway Endpoints Using Custom Authorizers <https://auth0.com/docs/integrations/aws-api-gateway/custom-authorizers> <https://auth0.com/docs/integrations/aws-api-gateway/custom-authorizers#how-api-gateway-custom-authorizers-work> You can use the custom authorizer to implement different types of authorization strategies, including JWT verification, to ret… text/html 2024-03-26T20:01:19+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.alf.digital/doku.php?id=security:oauth&rev=1711483279&do=diff OAuth Tokens: ID TokenContains the info about the userAccess TokenContains the access code, issues by the Oauth 2.0 server, allowing to access apps for a limited timeRefresh TokenAllows to refresh the access token, without sending user to the OAuth 2.0 server again text/html 2023-11-01T07:13:10+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.alf.digital/doku.php?id=security:oidc&rev=1698822790&do=diff Open ID Connect - OIDC Source: <https://www.slideshare.net/mraible/what-the-heck-is-oauth-and-openid-connect-dosug-2018?qid=e9ca62c0-5a2c-428b-9a83-44bc2b97e11f&v=&b=&from_search=7> OpenID Connect is based on top of Oauth 2.0. Gaps in Oauth 2.0 access token. Still in the access token - some parts are missing. It just proves, that the Client user was authorized Oauth 2.0 access token { "access_token" : "2asfasgagsddsasdA" , "token_type" : "Bearer", "expires_in" : 3600, "refresh_token" …