Connect
Fewlines Connect provides Authentication and Authorization as a Service for Applications.
Authorization Code
Overview
Fewlines Connect implements several standard protocols, such as OAuth 2.0 and OpenID Connect, to authenticate users and to authorize applications' access to resources.
OAuth 2.0
OAuth 2.0 is a standard protocol defined by RFC 6749 that has become the industry's default for authentication and authorization of users and their resources. OAuth 2.0 describes several ways to authenticate users and authorize access to resources, the most widely used being the Authorization Code Grant.
If you are looking to add authentication
     +----------+
     | Resource |
     |   Owner  |
     |          |
     +----------+
          ^
          |
         (B)
     +----|-----+          Client Identifier      +---------------+
     |         -+----(A)-- & Redirection URI ---->|               |
     |  User-   |                                 | Authorization |
     |  Agent  -+----(B)-- User authenticates --->|     Server    |
     |          |                                 |               |
     |         -+----(C)-- Authorization Code ---<|               |
     +-|----|---+                                 +---------------+
       |    |                                         ^      v
      (A)  (C)                                        |      |
       |    |                                         |      |
       ^    v                                         |      |
     +---------+                                      |      |
     |         |>---(D)-- Authorization Code ---------'      |
     |  Client |          & Redirection URI                  |
     |         |                                             |
     |         |<---(E)----- Access Token -------------------'
     +---------+       (w/ Optional Refresh Token)

   Note: The lines illustrating steps (A), (B), and (C) are broken into
   two parts as they pass through the user-agent.

                     Figure 3: Authorization Code Flow
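Steps (A), (C) and (D) of the flow above, seen from the client, as an added example that is not Fewlines Connect code. The endpoint, client identifier and redirection URI are placeholder assumptions, and the functions only build and validate messages without sending anything.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Assumed placeholder values, not real Fewlines Connect endpoints or credentials.
AUTHORIZE_URL = "https://provider.example/oauth/authorize"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example/oauth/callback"


def build_authorization_request(scope="openid"):
    """Step (A): URL for the user-agent redirect, plus the state to store in the session."""
    state = secrets.token_urlsafe(32)  # unguessable value tied to this browser session
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": scope,
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def handle_callback(callback_url, session_state):
    """Step (C): validate the redirect back to the client and extract the code."""
    got, want = urlparse(callback_url), urlparse(REDIRECT_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered redirection URI")
    params = parse_qs(got.query)
    returned_state = params.get("state", [""])[0]
    # Constant-time compare; a mismatch means this session did not start the request.
    if not session_state or not hmac.compare_digest(
            returned_state.encode(), session_state.encode()):
        raise ValueError("state mismatch")
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]


def build_token_request(code):
    """Step (D): form body the client POSTs to the token endpoint, server to server."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,  # must be identical to the value sent in step (A)
        "client_id": CLIENT_ID,
    }
```

The state check runs before the error check so that an unsolicited error response is rejected the same way as an unsolicited code.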