Authorization Code Flow
The Authorization Code Flow is a key component of the OAuth 2.0 framework, designed for applications that can securely store client secrets. It is widely used for web and mobile applications to enable secure user authentication and authorization.
How It Works
- User Authentication: The user is redirected to the authorization server to authenticate.
- Authorization Code: Upon successful authentication, the server returns an authorization code to the client application.
- Token Exchange: The client application exchanges the authorization code for an access token and optionally a refresh token.
OpenID Connect (OIDC) Extension
OpenID Connect builds on top of the OAuth 2.0 framework to provide an identity layer. It allows client applications to verify the identity of the user and obtain basic profile information in a secure manner.
Key Features of OIDC:
- ID Token: A JSON Web Token (JWT) that contains user identity information.
- UserInfo Endpoint: An endpoint to retrieve additional user profile information.
- Standardized Scopes: Scopes like openid, profile, and email to request specific user information.
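The three steps above, plus the ID-token claim checks an OIDC client must perform, as an added example; this is illustrative code, not part of azuma doa, and the issuer URLs, client identifiers and sample values are constructed assumptions.

```python
import secrets
import urllib.parse

# Assumed endpoints of a hypothetical authorization server (not azuma doa's).
AUTHORIZE_URL = "https://issuer.example/authorize"
TOKEN_URL = "https://issuer.example/token"

def build_authorization_request(client_id, redirect_uri,
                                scopes=("openid", "profile", "email")):
    """Step 1: URL to which the user-agent is redirected. The random `state`
    ties the later callback to this session so forged callbacks are rejected."""
    state = secrets.token_urlsafe(32)
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "scope": " ".join(scopes), "state": state}
    return AUTHORIZE_URL + "?" + urllib.parse.urlencode(params), state

def parse_callback(callback_url, expected_state):
    """Step 2: the server redirects back with ?code=...&state=... Only accept the
    code if state matches; otherwise the code may belong to another session."""
    query = urllib.parse.parse_qs(urllib.parse.urlsplit(callback_url).query)
    if "error" in query:
        raise ValueError(f"authorization failed: {query['error'][0]}")
    if query.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: callback not bound to this session")
    return query["code"][0]

def build_token_request(code, client_id, client_secret, redirect_uri):
    """Step 3: back-channel POST made by the client, not the browser, so the
    client secret never reaches the user-agent. redirect_uri must repeat step 1."""
    body = {"grant_type": "authorization_code", "code": code,
            "redirect_uri": redirect_uri, "client_id": client_id,
            "client_secret": client_secret}
    return {"url": TOKEN_URL, "method": "POST",
            "headers": {"Content-Type": "application/x-www-form-urlencoded"},
            "body": urllib.parse.urlencode(body)}

def check_id_token_claims(claims, issuer, client_id, now):
    """OIDC: after verifying the JWT signature (use a JOSE library), the client
    must also check who issued the ID token, who it is for, and that it is unexpired."""
    if claims.get("iss") != issuer:
        raise ValueError("unexpected issuer")
    aud = claims.get("aud")
    if not (aud == client_id or (isinstance(aud, list) and client_id in aud)):
        raise ValueError("ID token not intended for this client")
    if claims.get("exp", 0) <= now:
        raise ValueError("ID token expired")
    return claims["sub"]
```

The token request is returned as a dict rather than sent, so the example runs offline; in a real client it is posted over TLS from the server side.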
Benefits
- Enhanced Security: Sensitive tokens are not exposed to the user-agent or other potentially insecure environments.
- Flexibility: Supports a wide range of use cases, including single-page applications and server-side applications.
- Identity Verification: With OIDC, applications can authenticate users and retrieve identity information in a standardized way.
For more details, refer to the Authentication/Authorization Concepts page.
Integration
azuma doa fully implements both concepts.