Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
U
U
username_m172021-01-08 14:09:38
Open ID
username_m17, 2021-01-08 14:09:38

How to properly interact Web Application and OpenId Connect?

Understanding OpenId Connect. Where is the right place to store user access rights to the private parts of the resource (MVC application + many Rest Api)?

1. On the resource side (the resource requests only OpenId + Profile Claims from the authentication server). Clients knock on the User Access End Point on the resource to find out if the user has rights (to the Api).
2. On the authentication server side (resource requests OpenId + Profile + App Scopes). The resource edits the user's access rights via Api.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
Ivan Shumov, 2021-01-08
@username_m17

There is no right way. Both work and are used in different cases.

Similar questions
M
Maxim Melnikov2016-11-23 17:59:27
Working example of express + passport + openid? 0Reply
J
jslby2014-12-18 22:22:55
How to organize authorization on Codeigniter? 1Reply
A
Asya A2019-07-01 07:19:41
Is it possible to get and store in the database the name and photo of a user from his social network account using OpenID? 1Reply
P
pcdesign2015-03-21 12:10:58
What to do with login? 1Reply
A
Alex Wells2015-08-21 03:25:27
How to work with Laravel Steam Auth? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question