OAuth 2.0 Integration
Web Flow serves a role of an OAuth 2.0 provider.
The OAuth 2.0 standard defines the following components:
- OAuth 2.0 Authorization Server - a server providing authorization services
- OAuth 2.0 Resource Server - a server providing access to resources
- OAuth 2.0 Client - a client using the authorization services
OAuth 2.0 Authorization Server
Web Flow implements the authorization code grant type from the OAuth 2.0 specification. No other grant types are supported. The Authorization Server is provided by the powerauth-webflow project.
Web Flow provides the following endpoints:
- /oauth/authorize - main OAuth 2.0 endpoint which triggers processing of a Web Flow operation
- /oauth/token - provides access to the OAuth 2.0 token
Web Flow only uses OAuth 2.0 access tokens and does not issue refresh tokens.
OAuth 2.0 Resource Server
Web Flow implements a basic Resource Server which provides access to the user profile. The Resource Server is provided by the powerauth-webflow-resources project.
The Web Flow Resource Server provides the following endpoints:
- /api/secure/profile/me - provides information about the authenticated user (user ID, firstName, familyName), the connection (language, SCA) and the service (application name, environment, timestamp)
- /api/secure/profile/me/info - provides user information for OpenID Connect (OIDC)
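The following is an added example, not code from the Web Flow project, showing how a client walks the authorization code grant through the Authorization Server endpoints above (/oauth/authorize, /oauth/token) and then calls the Resource Server endpoint /api/secure/profile/me with the resulting bearer token. The base URLs, client credentials, and the assumption that /oauth/token takes client credentials via HTTP Basic and returns a JSON token response are constructed for the example and are not stated on this page. The HTTP transport is injectable so the flow can be exercised offline; the per-login state value is generated and checked on the callback, and the token handling reflects that Web Flow issues no refresh token.

```python
"""Added example: OAuth 2.0 authorization-code client for the Web Flow
endpoints. Assumed (not from the page): base URLs, HTTP Basic client
authentication at /oauth/token, JSON token response."""
import base64
import hmac
import json
import secrets
import urllib.parse
import urllib.request

WEBFLOW_BASE = "https://webflow.example.com"              # assumed deployment URL
RESOURCES_BASE = "https://webflow-resources.example.com"  # assumed deployment URL


def new_state():
    """Unguessable per-login value; binding the callback to the user's session
    lets the client reject codes that were not requested by that session."""
    return secrets.token_urlsafe(32)


def build_authorize_url(client_id, redirect_uri, state, base=WEBFLOW_BASE):
    """Step 1: URL the browser is sent to. response_type=code is the only grant
    type Web Flow supports, so nothing else is ever requested here."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
    }
    return f"{base}/oauth/authorize?{urllib.parse.urlencode(params)}"


def parse_callback(redirect_url, expected_state):
    """Step 2: validate the redirect back to the client and extract the code.
    A missing or mismatched state means the callback is discarded."""
    query = urllib.parse.parse_qs(urllib.parse.urlsplit(redirect_url).query)
    if "error" in query:
        raise RuntimeError(f"authorization failed: {query['error'][0]}")
    state = query.get("state", [None])[0]
    if state is None or not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: discard this callback")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]


def _post_form(url, data, headers):
    """Default transport (form POST, JSON reply); replaced by a fake in tests."""
    body = urllib.parse.urlencode(data).encode()
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req) as resp:
        return json.loads(resp.read().decode())


def exchange_code(code, client_id, client_secret, redirect_uri,
                  base=WEBFLOW_BASE, post=_post_form):
    """Step 3: back-channel exchange of the code for an access token at /oauth/token."""
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": f"Basic {creds}",
               "Content-Type": "application/x-www-form-urlencoded"}
    data = {"grant_type": "authorization_code", "code": code,
            "redirect_uri": redirect_uri}
    token = post(f"{base}/oauth/token", data, headers)
    if token.get("token_type", "").lower() != "bearer" or "access_token" not in token:
        raise RuntimeError(f"unexpected token response: {token}")
    # Web Flow issues access tokens only: once expires_in elapses the client has
    # to start a new authorization at /oauth/authorize, there is nothing to refresh.
    return {"access_token": token["access_token"],
            "expires_in": int(token.get("expires_in", 0)),
            "can_refresh": "refresh_token" in token}


def _get_json(url, headers):
    """Default transport for the Resource Server call; replaced by a fake in tests."""
    req = urllib.request.Request(url, headers=headers)
    with urllib.request.urlopen(req) as resp:
        return json.loads(resp.read().decode())


def fetch_profile(access_token, base=RESOURCES_BASE, get=_get_json):
    """Step 4: call the Resource Server profile endpoint with the bearer token."""
    return get(f"{base}/api/secure/profile/me",
               {"Authorization": f"Bearer {access_token}"})
```

The state check and the rejection of any token response that is not a bearer access token are the parts worth keeping in a real deployment; the transport functions exist only so the four steps can be run and inspected without a live Web Flow instance.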
OAuth 2.0 Client
A sample OAuth 2.0 client is implemented in the powerauth-webflow-client project. It is expected that during Web Flow deployment a similar client will be created for preparing data and form data related to the operation.
The sample code for creating an operation and customizing operation form data is available in the Customizing Operation Form Data chapter.
OAuth 2.0 Consent Screen
The Data Adapter project can be used to customize the OAuth 2.0 screen with custom form and options.
The consent form is shown in Web Flow when the CONSENT method is included in the operation steps.