Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
U
U
username_m172021-01-08 14:09:38
Open ID
username_m17, 2021-01-08 14:09:38

How to properly interact Web Application and OpenId Connect?

Understanding OpenId Connect. Where is the right place to store user access rights to the private parts of the resource (MVC application + many Rest Api)?

1. On the resource side (the resource requests only OpenId + Profile Claims from the authentication server). Clients knock on the User Access End Point on the resource to find out if the user has rights (to the Api).
2. On the authentication server side (resource requests OpenId + Profile + App Scopes). The resource edits the user's access rights via Api.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
Ivan Shumov, 2021-01-08
@username_m17

There is no right way. Both work and are used in different cases.

Similar questions
A
Alex Wells2015-08-21 03:25:27
How to work with Laravel Steam Auth? 1Reply
Y
Yxine2015-08-29 01:21:30
Authentication through ESIA. Is there an implementation in C#? 4Reply
S
Slava Anzhiganov2017-11-08 15:15:38
What is better to choose OpenID or OAuth? 1Reply
S
Sn0wSky2017-11-24 20:56:58
How to make OpenID authorization to your server in a Chrome extension? 0Reply
N
Nikita2017-12-07 12:40:42
Is there a bug tracker that supports logging in with a Steam ID? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question