cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin (JIRA)" <j...@apache.org>
Subject [jira] [Created] (FEDIZ-172) OIDC DataProvider should support client_credentials clients
Date Wed, 27 Jul 2016 08:58:20 GMT
Sergey Beryozkin created FEDIZ-172:
--------------------------------------

             Summary: OIDC DataProvider should support client_credentials clients 
                 Key: FEDIZ-172
                 URL: https://issues.apache.org/jira/browse/FEDIZ-172
             Project: CXF-Fediz
          Issue Type: Improvement
          Components: OIDC
            Reporter: Sergey Beryozkin
             Fix For: 1.3.1


OAuth2 Client Credentials (https://tools.ietf.org/html/rfc6749#section-4.4) is a simplest
way for OAuth2 machine clients to request the access token.

For example, instead of the machine client authenticating with STS first and then using the
received assertion to authenticate against OAuth2 AccessTokenService and use client_credentials
to get an access token it is much simpler for such a client to simply authenticate directly
with the 
AccessTokenService:

https://tools.ietf.org/html/rfc6749#section-4.4.2

In this case the step involving the client authenticating with STS will be done by AccessTokenService.

Both approaches are equivalent but the latter is simpler for the client and makes the client
code OAuth2-portable.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message