Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
devel:documentation:security:dev:security [2023/12/01 16:18] chalupat [The authentication flow from front] |
devel:documentation:security:dev:security [2023/12/01 16:19] (current) chalupat [The authentication flow from external application (hub, ...)] |
||
---|---|---|---|
Line 269: | Line 269: | ||
1) Authentication happens on external application | 1) Authentication happens on external application | ||
- | 2) When accessing a resource, external application presents access token (in header " | + | 2) When accessing a resource, external application presents access token (in header " |
3) IDM validates token on OIDC provider | 3) IDM validates token on OIDC provider | ||
Line 282: | Line 282: | ||
1) User clicks on logout button so front redirects him to api endpoint for OIDC logout. | 1) User clicks on logout button so front redirects him to api endpoint for OIDC logout. | ||
- | 2) IDM redirect him to logout endpoint on OIDC provider | + | 2) IDM redirect him to logout endpoint on OIDC provider |
3) OIDC provider calls IMD and IDM invalidates all tokens with SID (from JWT token) | 3) OIDC provider calls IMD and IDM invalidates all tokens with SID (from JWT token) | ||