# Created 2021-07-16 Fri 15:51
#+TITLE: Cisco Notes
#+AUTHOR: Yann Esposito
* Device Flow [2021-07-16 Fri]

** Implications for IROH/SecureX/CTR

OAuth2 is about linking two accounts of the same person between two
different services.

In the OAuth2 RFC only 4 *Grants* are described:

- Authorization Code*
- Implicit (we explicitly removed the support in IROH-Auth)
- Resource Owner Password Credentials
- Client Credentials*

With these we handle:

- scripts
- websites with a backend
** Native Applications & SPA (PKCE)

An additional RFC exists to improve the support of Native Applications and
Single Page Applications.

It was easily introduced a few years back for SSE.
** Device Grant

- *All on-premise devices*
- *All devices without input access or browser access*.
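
The polling loop that a device without input or browser access runs under the Device Grant (RFC 8628), as an added example that is not part of the original notes or of IROH. The =post_token= callback, the stub endpoint, and all codes and tokens are constructed for illustration.

```python
# Added example: device-side polling of the token endpoint (RFC 8628, section 3.4/3.5).
GRANT_TYPE = "urn:ietf:params:oauth:grant-type:device_code"


def poll_for_token(post_token, device_code, client_id, interval=5,
                   expires_in=1800, sleep=lambda seconds: None):
    """Poll until the user approves, denies, or the device_code expires.

    post_token(form) -> (http_status, json_dict) is a hypothetical transport
    callback supplied by the caller, so the loop can run offline.
    Returns (token_response, seconds_waited).
    """
    waited = 0
    while waited < expires_in:
        sleep(interval)
        waited += interval
        status, body = post_token({"grant_type": GRANT_TYPE,
                                   "device_code": device_code,
                                   "client_id": client_id})
        if status == 200:
            return body, waited
        error = body.get("error")
        if error == "authorization_pending":
            continue                  # user has not finished on the second device
        if error == "slow_down":
            interval += 5             # back off by 5 s for all later requests
            continue
        # access_denied, expired_token and unknown errors are terminal:
        # the device must stop polling and restart the flow.
        raise PermissionError(error or "invalid token response")
    raise TimeoutError("device_code expired before the user approved")


def scripted_endpoint(responses):
    """Constructed stub: replays a fixed list of (status, body) answers."""
    answers = iter(responses)
    return lambda form: next(answers)


# Constructed sample responses, not captured from any real service.
PENDING = (400, {"error": "authorization_pending"})
SLOW = (400, {"error": "slow_down"})
OK = (200, {"access_token": "constructed-token", "token_type": "Bearer"})


def demo():
    endpoint = scripted_endpoint([PENDING, SLOW, PENDING, OK])
    return poll_for_token(endpoint, "constructed-device-code", "constructed-client")
```

Treating every error other than =authorization_pending= and =slow_down= as terminal keeps a denied or expired device from polling the authorization server indefinitely.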