Cloudentity comes with an OAuth authorization server built into every workspace. This means that you can easily set up a secure, scalable authorization server with just a few clicks.
You can spin up as many workspaces as you wish, and each of them will have its own authorization server instance. Depending on the workspace profile you choose, the authorization server can comply, for example, with a specific Open Banking specification out of the box. This provides greater flexibility and allows you to easily manage access to your resources across multiple services and applications. Additionally, Cloudentity supports many OAuth and OIDC open standards and is certified in different conformance profiles, so you can easily adjust the authorization server’s configuration to match your business requirements.
Next Steps
- Add Applications for user authentication or to enable your software to access protected resources.
- Add M2M Clients for calling APIs in machine-to-machine environments.
- Configure Authorization Flows (Grant Types) and OAuth extensions that the authorization server allows connected client applications to use.
- Define which client authentication methods client applications can use.
- Enable OAuth Dynamic Client Registration to allow client applications to obtain the necessary credentials and configuration information from the authorization server in order to authenticate users and access resources.
- Configure tokens minted by the authorization server and issued to authorized and authenticated client applications.
- Configure the consent screen displayed to users when they grant a client application permission to access their resources on an OAuth authorization server.
- Configure access control (authorization) settings for the authorization server (workspace) to, for example, assign access policies that validate user attributes before minting an access token.
- Set up authentication context to create a common schema that will be used to represent the user data from different identity sources. This schema could include fields for the user’s unique identifier, username, password, email address, and any other relevant information.