-
Notifications
You must be signed in to change notification settings - Fork 8
OAuth 2.0 Integration
PowerAuth Web Flow documentation has been moved to: https://developers.wultra.com/docs/develop/powerauth-webflow/OAuth-2.0-Integration
Please use the new developer portal to access documentation.
Web Flow serves a role of an OAuth 2.0 provider.
The OAuth 2.0 standard defines following components:
-
OAuth 2.0 Authorization Server
- a server providing authorization services -
OAuth 2.0 Resource Server
- a server providing access to resources -
OAuth 2.0 Client
- a client using the authorization services
Web Flow implements the authorization code grant
type from the OAuth 2.0 specification. No other grant types are supported. The Authorization Server is provided by the powerauth-webflow project.
Web Flow provides following endpoints:
-
/oauth/authorize
- main OAuth2.0 endpoint which triggers processing of a Web Flow operation -
/oauth/token
- provides access to the OAuth 2.0 token
Web Flow only uses OAuth 2.0 access tokens and does not issue refresh tokens.
Web Flow implements a basis Resource Server which provides access to the user profile. The Resource Server is provided by the powerauth-webflow-resources project.
Web Flow Resource Serverr provides following endpoints:
-
/api/secure/profile/me
- provides information about authenticated user (user ID, firstName, familyName), connection (language, SCA) and service (application name, environment, timestamp)
A sample OAuth 2.0 client is implemented in the powerauth-webflow-client project. It is expected that during Web Flow deployment a similar client will be created for preparing data and form data related to the operation.
The sample code for creating an operation and customizing operation form data is available in the Customizing Operation Form Data chapter.
Overview
Applications
- Web Flow Server
- Next Step Server
- Data Adapter
- Mobile Token
- PowerAuth Server
- PowerAuth Admin
- PowerAuth Push Server
REST APIs
- NextStep Server REST API Reference
- Data Adapter REST API Reference
- Web Flow REST API Reference
- Mobile Push Registration API
- Mobile Token REST API Reference
Deployment
Customizing Web Flow
- Customizing Web Flow Appearance
- Implementing Data Adapter Interface
- Web Flow Configuration
- Configuring Next Step Definitions
- Customizing Operation Form Data
- Mobile Token Configuration
Technical Notes
Development
Releases