Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
devel:documentation:security:dev:security [2023/12/01 16:18] chalupat [The authentication flow from front] |
devel:documentation:security:dev:security [2023/12/01 16:19] (current) chalupat [The authentication flow from external application (hub, ...)] |
||
|---|---|---|---|
| Line 269: | Line 269: | ||
| 1) Authentication happens on external application | 1) Authentication happens on external application | ||
| - | 2) When accessing a resource, external application presents access token (in header " | + | 2) When accessing a resource, external application presents access token (in header " |
| 3) IDM validates token on OIDC provider | 3) IDM validates token on OIDC provider | ||
| Line 282: | Line 282: | ||
| 1) User clicks on logout button so front redirects him to api endpoint for OIDC logout. | 1) User clicks on logout button so front redirects him to api endpoint for OIDC logout. | ||
| - | 2) IDM redirect him to logout endpoint on OIDC provider | + | 2) IDM redirect him to logout endpoint on OIDC provider |
| 3) OIDC provider calls IMD and IDM invalidates all tokens with SID (from JWT token) | 3) OIDC provider calls IMD and IDM invalidates all tokens with SID (from JWT token) | ||