OAuth 2.0 and OpenID Connect 1.0
Introduction
The Ubisecure SSO implements the OAuth 2.0 authorization server role.Â
The main use cases are
- authorization code grant and web single sign-on
- authorization code grant and native applications
- password grant and native applications
- password grant and server-to-server integrations
Standards and Recommendations Reference
- The OAuth 2.0 Authorization Framework https://tools.ietf.org/html/rfc6749 (https://tools.ietf.org/html/rfc6750)
- OAuth 2.0 Token Introspection https://tools.ietf.org/html/rfc7662
- OpenID Connect Core http://openid.net/specs/openid-connect-core-1_0.html
- OpenID Connect Discovery http://openid.net/specs/openid-connect-discovery-1_0.html
- OpenID Connect Dynamic Client Registration http://openid.net/specs/openid-connect-registration-1_0.html (https://tools.ietf.org/html/rfc7591)
- JSON Web Signature (JWS)Â https://tools.ietf.org/html/rfc7515
- JSON Web Key (JWK)Â https://tools.ietf.org/html/rfc7517
- JSON Web Algorithms (JWA)Â https://tools.ietf.org/html/rfc7518