Authentication Architecture

The Authentication Framework is based on the industry-standard OAuth 2.0 and OpenID Connect architecture.

In this architecture, the User is considered to be the Resource Owner (in this case, the owner of their identity, data, and operations). The User is a separate entity from the Client.

The Client (also known as a third-party app) is considered to be the Relying Party, as it relies upon an Authorization Server to authenticate a User.

The Authorization Server is an Identity Provider that authenticates the User. The User can tell the Authorization Server to provide the Client with authorized access to resources that the User owns.

Once authorized, the Authorization Server provides an Access Token and an Identity Token to the Client.

The Identity Token provides authenticated information about the User to the Client. The Client uses the Access Token to gain access to the User resources that are held on the Resource Server.
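The roles described above, sketched as an added example that is not code from this API or its documentation: the Authorization Server mints both tokens, the Client verifies the Identity Token before trusting it, and the Resource Server honours only the Access Token. The HS256 shared key, the in-memory token table, and every name, URL and scope are assumptions made so the sketch runs offline; a real Client verifies against the signing keys its Authorization Server publishes.

```python
import base64, hashlib, hmac, json, secrets

# Every name, URL and key here is constructed for the example.
ISSUER = "https://as.example.test"
CLIENT_ID = "demo-client"
SIGNING_KEY = b"constructed-demo-key"  # HS256 shared secret, an assumption of this sketch
ACCESS_TOKENS = {}  # Authorization Server state: opaque access token -> (user, scope)

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    mac = hmac.new(SIGNING_KEY, signing_input.encode(), hashlib.sha256)
    return b64(mac.digest()).encode()

def authorization_server_issue(user, audience, scope, now):
    """Authorization Server: after authenticating the User, mint both tokens."""
    header = b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"iss": ISSUER, "sub": user, "aud": audience, "exp": now + 300}
    body = b64(json.dumps(claims).encode())
    id_token = f"{header}.{body}.{sign(header + '.' + body).decode()}"
    access_token = secrets.token_urlsafe(24)
    ACCESS_TOKENS[access_token] = (user, scope)
    return id_token, access_token

def client_verify_id_token(id_token, now):
    """Client (Relying Party): check signature, issuer, audience and expiry."""
    header, body, sig = id_token.split(".")
    if not hmac.compare_digest(sig.encode(), sign(header + "." + body)):
        raise ValueError("bad signature")
    if json.loads(unb64(header)).get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    claims = json.loads(unb64(body))
    if claims["iss"] != ISSUER or claims["aud"] != CLIENT_ID:
        raise ValueError("token was not issued by our server for this client")
    if now >= claims["exp"]:
        raise ValueError("token expired")
    return claims

def resource_server_get(authorization_header, needed_scope):
    """Resource Server: honour only Access Tokens known to the Authorization Server."""
    scheme, _, token = authorization_header.partition(" ")
    # The dictionary lookup stands in for token introspection.
    grant = ACCESS_TOKENS.get(token) if scheme == "Bearer" else None
    if grant is None or needed_scope not in grant[1].split():
        raise PermissionError("invalid or insufficient access token")
    return f"resource data for {grant[0]}"
```

The two tokens are not interchangeable: the Identity Token is addressed to the Client through its audience claim, and the Resource Server rejects it when it is presented in place of the Access Token.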


Last updated Thu Jul 14 2022