OAuth 2.0 Concepts

From NovaOrdis Knowledge Base
Revision as of 00:22, 12 November 2017 by Ovidiu (talk | contribs) (→‎Internal)
Jump to navigation Jump to search

Internal

Identity.

User's presence at the system - means that the user identity is associated with the thread that is processing the user's request, and in a way, it is the user that "drives" the thread. The identity is associated with the thread in the form of a security context.

There are software agents that perform actions on behalf of the user, and this is where OAuth is relevant - a user can delegate the authority of performing certain actions in a secure way. Even the software agent (the OAuth client) operates under a different identity, it can still perform action on behalf of a user that may not be even logged in anymore. An example of such identity is an OpenShift service account.

Authentication.

Authorization.

Retrieved from "https://kb.novaordis.com/index.php?title=OAuth_2.0_Concepts&oldid=31061"