Last modified by messines on 2021/06/08 17:32
From version 18.1
edited by messines
on 2021/01/05 16:39
Change comment: There is no comment for this version
To version 22.1
edited by messines
on 2021/06/08 17:32
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -Authenticating with your OIDC client and fetch collab user info
1 +2. Authenticating with your OIDC client and fetch collab user info
Content
... ... @@ -1,3 +1,8 @@
1 +(% class="wikigeneratedid" %)
2 +== Requirement ==
3 +
4 +You should read this documentation to [[understand the concept of Authentication and Authorization>>https://wiki.ebrains.eu/bin/view/Collabs/the-collaboratory/Technical%20documentation/Architecture/Permissions/Authentication%20%26%20Authorisation%20using%20OIDC/]] with OIDC and OAuth2 before to try to implement it.
5 +
1 1  == Abstract ==
2 2  
3 3  In order to create an OIDC client, see [[1. Registering an OIDC client>>https://wiki.ebrains.eu/bin/view/Collabs/collaboratory-community-apps/Community%20App%20Developer%20Guide/1.%20Registering%20an%20OIDC%20client/]]. After creating the OIDC client, you have a corresponding access token and secret.
... ... @@ -69,7 +69,7 @@
69 69  === Access Token Request ===
70 70  
71 71  (% class="wikigeneratedid" id="HRequest-1" %)
72 -Now that your app has the **authorization** **code** for a user, it can fetch the user access token
77 +Now that your app has the **authorization** **code** for a user, it can fetch the user ID Token and Access Token
73 73  
74 74  ==== Request ====
75 75  
... ... @@ -107,7 +107,7 @@
107 107  }
108 108  )))
109 109  
110 -Your app gets a response containing the **access token** and other information.
115 +Your app gets a response containing the **access token**, the **refresh token,** the **id token **and other information. The ID Token should be use by developer on their backend to read user informations such as username, first name, last name etc. The ID Token should be use internally, into your app only, the app which triggered the authentication. The access token will be use to reach APIs, the access token can be see as a card to access an ATM. ID Token is for Authentication, Access token is for Authorization. Refresh token is to re-ask a valid access token after expiration.
111 111  
112 112  == Access user info ==
113 113