With cidaas we provide modern, innovative access control and identity management as a service, out of the box. Based on OAuth2.0 and OpenID Connect, cidaas can be integrated flawlessly into your solutions.
How do OAuth2.0 and OpenID Connect work?
With OAuth2.0 it is possible to secure your APIs in a standardized way and authorize access. OpenID Connect builds on the OAuth2.0 standard and extends its capabilities to identity management. The access token is a central element of these standards. After a successful authentication event, an access token is issued for an application. The graphic illustrates the flow.
This is how you start integrating cidaas into your platform:
In OAuth2.0 there are so-called clients, each of which represents an application (mobile app, single page application, etc.). To make your application known to cidaas, you need to create a new app in the Admin UI of cidaas. This is possible in the App Settings tab. You can find detailed information about apps in cidaas here.
To integrate the login & registration, an Authz URL is required. How to create an Authz URL is explained here.
After a user has successfully logged in or registered, cidaas will redirect to your application using the Redirect URL. The redirect URL is included in the Authz URL created in step 02. It must first be stored as a permitted URL in the app settings.
Depending on which flow you have chosen (token or code), you will receive a token or code as a parameter in the redirect URL. In the code flow, the code is exchanged for a token in an API call. Once you have a token, you have completed the authentication process and can use this token to access other applications and cidaas.
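The code flow described in the steps above, as an added example that is not cidaas code: it builds an Authz URL, validates the redirect back to the application, and prepares the fields for the code-for-token exchange. The endpoint, client ID and redirect URL are placeholder assumptions, and the parameter names are the standard OAuth2.0 ones (including `state`, which the page does not mention), so check them against your cidaas app settings.

```python
import hmac
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed placeholder values; take the real ones from your cidaas app settings.
AUTHZ_ENDPOINT = "https://idp.example.invalid/authz"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example.invalid/callback"


def build_authz_url(state, response_type="code", scope="openid"):
    """Return the URL the browser is sent to for login or registration."""
    query = urlencode({
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,  # must be stored as a permitted URL for the app
        "response_type": response_type,
        "scope": scope,
        "state": state,  # random per-session value, checked again on the redirect
    })
    return f"{AUTHZ_ENDPOINT}?{query}"


def handle_redirect(callback_url, expected_state):
    """Validate the redirect to the application and return the authorization code."""
    got, want = urlsplit(callback_url), urlsplit(REDIRECT_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered redirect URL")
    params = parse_qs(got.query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the response is not bound to this session.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]


def token_request_body(code):
    """Form fields for the back-channel API call that exchanges the code for a token."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,
        "client_id": CLIENT_ID,
    }
```

Generate `state` with `secrets.token_urlsafe()` and keep it in the user's session between the login request and the redirect.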
Integration into your existing AD/LDAP systems
cidaas offers the possibility of integrating AD, LDAP and ADFS. This lets you integrate your employees and legacy systems as a first step and then make a smooth transition to the de facto standard OpenID Connect and OAuth2.