• |
1 |
When the application starts it checks for an existing ID Token stored from a previous authentication. If an ID Token does not exist the application sends an authentication request using the system browser to start the OpenID® Connect Authorization Code Flow. However if an ID Token does exist, the application skips to Step 4. |
5 |
The Web API validates the Access Token by using it to call the Cloud Access Manager User Info Endpoint. The validation is performed using the provided OWIN middleware which will cache the User Info responses. The OWIN middleware will also verify that the Access Token was scoped for itself by checking that the User Info response contains at least one of its scopes. The claims returned from the User Info Endpoint are used by the Web API to identify the user and control their access. |
1 |
Make sure that the settings on the OpenID Connect / OAuth 2.0 Settings page are as follows: |
2 |
Make sure that the settings on the Token Settings page are as follows: |
3 |
Make sure that the settings on the Claim Mapping page are as follows: |
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center