OAuth 2.0 Service for Authentication and Service Best Practices

I have to deal with these types of auth streams:

  • Creation of authentication flows for web users;
  • Similarly, this applies to authentication services for authentication

In short, the following diagram can show the main components that we will have:


For Authentication users, we would like to use OAuth2 (Implicit Flow), and overall it looks more or less clear.

Can a service authorization maintenance question be used in OAuth2 Authorization Code Flow?

The main problem is that there will be many backend services inside datacenter1, so it will be useful to work, because the services will work with the same resolution model as users (at least some functions can be removed).

: , Datacenter1 ?

+4
1

: OAuth 2.0 , . : https://oauth.net/articles/authentication/

, OAuth 2.0 " , . 10 OAuth 2.0: http://blog.intothesymmetry.com/2015/12/top-10-oauth-2-implementation.html

OpenID Connect, ( OAuth 2.0), , OAuth 2.0.

OpenID Connect - ( -).

, , , :

  • "Leaner": HTTP (, VPC, )
  • "Safer": ( ) HTTPS, . , Vault

(.. user_id ) - :

  • , , .
  • / , , - " ".
0

Source: https://habr.com/ru/post/1658779/
