• Browse
  • Pages
  • Blog
  • Labels
  • Attachments
  • Mail
  • Bookmarks
  • Activity
  • Advanced
• Log In

1. Dashboard
2. Open Source: Whydah
3. Whydah Home
4. Contributing to Whydah
5. Internal authentication and authorization in Whydah

Internal authentication and authorization in Whydah

Skip to end of metadata

• Page restrictions apply
• Added by Thor Henning Hetland, last edited by Bård Lind on Jan 14, 2015  (view change)

Comment:

Go to start of metadata

Authentication

Users and applications are authenticated with their respective sessions.

API authorization matrix in UIB

	Whydah application session	External application (was: Third-party application session)	Whydah Administration session (internal)
user session	session control	myApp.contains()+myRole.contains() ?? Forsto ikke denne.
no user session	login,sign-up, reset password, (app auth)	on-behalf of	on-behalf of, 3rd party tokens(SSOLWA)

---

API authorization matrix in UAS

	Roletype	Whydah application session	External application (was: Third-party application session)	Whydah Administration session (internal)
user session with elevated roles
user session
no user session	any	login,sign-up, reset password, (app auth)	on-behalf of	on-behalf of, 3rd party tokens(SSOLWA)

---

Some background

• Endpoint design

Labels parameters

Labels:

None

Enter labels to add to this page:

 

Looking for a label? Just start typing.

Powered by a free Atlassian Confluence Community License granted to Cantara AS. Evaluate Confluence today.

• Powered by Atlassian Confluence 3.5.17, the Enterprise Wiki
• Printed by Atlassian Confluence 3.5.17, the Enterprise Wiki.
•   |  Report a bug
•  |  Atlassian News