Cisco.org.tmp9v5uH2.org
This commit is contained in:
parent
c648473daa
commit
8de431f6fa
1 changed files with 33 additions and 0 deletions
33
Cisco.org.tmp9v5uH2.org
Normal file
33
Cisco.org.tmp9v5uH2.org
Normal file
|
@ -0,0 +1,33 @@
|
|||
# Created 2021-07-16 Fri 15:51
|
||||
#+TITLE: Cisco Notes #+Author: Yann Esposito
|
||||
#+AUTHOR: Yann Esposito
|
||||
* Device Flow [2021-07-16 Fri]
|
||||
|
||||
** Implications for IROH/SecureX/CTR
|
||||
|
||||
OAuth2 is about linking two accounts of the same person between two
|
||||
different services.
|
||||
|
||||
In the OAuth2 RFC only 4 *Grants* are described:
|
||||
|
||||
- Authorization Code*
|
||||
- Implicit (we explicitly removed the support in IROH-Auth)
|
||||
- Resource Owner Password Credentials
|
||||
- Client Credential*
|
||||
|
||||
With these we handle:
|
||||
|
||||
- scripts
|
||||
- websites with a backend
|
||||
|
||||
** Native Applications & SPA (PKCE)
|
||||
|
||||
An additional RFC exists to improve the support of Native Applications and
|
||||
Single Page Applications.
|
||||
|
||||
It was easily introduced a few years back for SSE.
|
||||
|
||||
** Device Grant
|
||||
|
||||
- *All on-premise devices*
|
||||
- *All devices without input access or browser access*.
|
Loading…
Reference in a new issue