- Authentication - Confirm user identity through various credentials. At the most basic level, this is a username and the corresponding password.
- Authorization - Grant or limit access to the identified user. Dualog Access only authenticates users. Access control must be implemented in the end application.
- Multi-factor authentication - In addition to a username/password, one or more other authentication methods must be used to authenticate, such as receiving an access code by SMS or using an authentication app on your phone. If implementing multi-factor authentication, make sure all methods can be used in the environment where the applications are used (e.g., do not use SMS as authentication if GSM coverage is unavailable). Dualog Access will not support SMS-based authentication.
- Flows or grant types - OAuth 2.0 supports multiple grant types (or flows). Different grant types retrieve the token required to access a resource in different ways. Which grant type to choose depends on the application/device type.
- Single sign-on (SSO) - Sign in once for multiple applications. Single sign-on requires sharing the access token, for example through a browser-based login.
- Native Login Flow - Login is performed directly in the application.
- Native Application - Mobile or desktop application.
- Regular/Traditional Web Application - Web application where most of the logic is executed in the cloud.
- Single-Page Web Application - Web application where most of the logic is executed in the browser. The application communicates with the server via APIs.
- Machine-to-Machine Application - Non-interactive applications or devices (no UI).
- Browser-Based Login Flow - The user is either redirected to a web page to perform the login or the login web page is embedded into the application.
- Resource Owner (The User) - An entity capable of granting access to a protected resource. The resource owner can be a person (the end-user).
- Resource Server (the API Server) - The server hosting the protected resources, capable of accepting and responding to protected resource requests using access tokens.
- Client - An application making protected resource requests on behalf of the resource owner and with its authorization.
- Authorization Server - The server that issues access tokens to the client after successfully authenticating the resource owner and obtaining authorization.
- User Agent - Agent used by the Resource Owner to interact with the Client (for example, a browser or a native application).
- Client Secret - This is a secret provided by the organization owner. This value corresponds to the value configured for this application on Dualog Portal.
- Scope - Values indicating which parts of the user's account you wish to access. Available scopes must be obtained from the organization owner.
- Form Post Response Mode - In this mode, Authorization Response parameters are encoded as HTML form values that are auto-submitted in the User-Agent and thus are transmitted via the HTTP POST method to the Client, with the result parameters being encoded in the body using the application/x-www-form-urlencoded format.
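
How a Client might validate an authorization response delivered in Form Post Response Mode, as an added example that is not Dualog's own code. It assumes the standard OAuth 2.0 parameter names `code`, `state` and `error`, which this page does not list, and a hypothetical session store that supplies `expected_state`.

```python
import hmac
from urllib.parse import parse_qs

FORM_TYPE = "application/x-www-form-urlencoded"


class AuthResponseError(Exception):
    """Raised when a form_post authorization response must be rejected."""


def parse_form_post(method, content_type, body, expected_state):
    """Validate a form_post authorization response; return the code.

    expected_state is the value the Client stored in the user's session
    when it started the login (session handling is assumed, not shown).
    """
    if method != "POST":
        raise AuthResponseError("form_post responses arrive via HTTP POST")
    # Ignore parameters such as "; charset=UTF-8" after the media type.
    if content_type.split(";")[0].strip().lower() != FORM_TYPE:
        raise AuthResponseError("unexpected Content-Type")
    try:
        params = parse_qs(body.decode("ascii"), keep_blank_values=True,
                          strict_parsing=True)
    except ValueError as exc:  # also covers UnicodeDecodeError
        raise AuthResponseError("malformed form body") from exc
    # A repeated parameter is ambiguous; refuse rather than pick one.
    if any(len(values) != 1 for values in params.values()):
        raise AuthResponseError("duplicate parameter")
    fields = {name: values[0] for name, values in params.items()}

    # Bind the response to the login this session started.
    state = fields.get("state", "")
    if not expected_state or not hmac.compare_digest(
            state.encode(), expected_state.encode()):
        raise AuthResponseError("state mismatch")
    if "error" in fields:
        raise AuthResponseError("authorization error: " + fields["error"])
    if not fields.get("code"):
        raise AuthResponseError("missing authorization code")
    return fields["code"]


# Constructed sample body, as the auto-submitted form would post it.
SAMPLE_BODY = b"code=CONSTRUCTED_CODE_123&state=constructed-state-456"

if __name__ == "__main__":
    print(parse_form_post("POST", FORM_TYPE, SAMPLE_BODY,
                          "constructed-state-456"))
```

The returned code is then exchanged for tokens at the Authorization Server; that step depends on the grant type and is not shown.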