Skip to content

OpenID Connect Provider (OP)#

The Janssen Authentication Server has core OAuth 2.0 support as well as many other related specs:

  • The OAuth 2.0 Authorization Framework (spec)
  • The OAuth 2.0 Authorization Framework: Bearer Token Usage (spec)
  • JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens (spec)
  • JSON Web Token (JWT) (spec)
  • OAuth 2.0 Token Introspection (spec)
  • OAuth 2.0 Device Authorization Grant (spec)
  • OAuth 2.0 Token Revocation (spec)
  • Proof Key for Code Exchange by OAuth Public Clients (PKCE) (spec)
  • OAuth 2.0 for Native Apps (spec)
  • OAuth 2.0 Token Exchange (spec)
  • OAuth 2.0 Authorization Server Metadata (spec)
  • OAuth 2.0 Dynamic Client Registration Protocol (spec)
  • OAuth 2.0 Pushed Authorization Requests (spec)
  • OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP) (spec)
  • OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens (spec)
  • Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants (spec)
  • JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) (spec)
  • OAuth 2.0 for First-Party Native Applications (spec draft)
  • The Use of Attestation in OAuth 2.0 Dynamic Client Registration (spec draft)
  • OpenID Connect Core Error Code unmet_authentication_requirements (spec)

Protocol Overview#

OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 focuses on client developer simplicity providing specific authorization flows for different applications (e.g. web applications, desktop applications, mobile phones, and other devices).

It's handy to know some OAuth 2.0 terminology:

  • resource owner - An entity capable of granting access to a protected resource. When the resource owner is a person, it is referred to as an end-user.

  • resource server - The server hosting the protected resources, capable of accepting and responding to protected resource requests using access tokens.

  • client - An application making protected resource requests on behalf of the resource owner and with its authorization. The term "client" does not imply any particular implementation characteristics (e.g., whether the application executes on a server, a desktop, or other devices).

  • authorization server - The server issuing access tokens to the client after successfully authenticating the resource owner and obtaining authorization.

Have questions in the meantime?#

You can ask questions through GitHub Discussions or the community chat on Gitter. Any questions you have will help determine what information our documentation should cover.

Want to contribute?#

If you have content you'd like to contribute to this page in the meantime, you can get started with our Contribution guide.

Last update: 2024-04-03
Created: 2022-09-02