Using OAuth 2.0 and OpenID Connect

• Overview of OAuth 2.0 and OpenID Connect
• Basics
• Roles
• Access Tokens
• Grant Types and Flows
• Scopes
• Endpoints in an Authorization Server
• How InterSystems IRIS Supports OAuth 2.0 and OpenID Connect
• Supported Scenarios
• InterSystems IRIS Support for OAuth 2.0 and OpenID Connect
• Standards Supported in InterSystems IRIS
• Using an InterSystems IRIS Web Application as an OAuth 2.0 Client
• Prerequisites for the InterSystems IRIS Client
• Configuration Requirements
• Outline of Code Requirements
• Obtaining Tokens
• Examining the Token(s)
• Adding an Access Token to an HTTP Request
• Optionally Defining Delegated Authentication for the Web Client
• Revoking Access Tokens
• Rotating Keys Used for JWTs
• Getting a New Public JWKS from the Authorization Server
• OAuth 2.0 Client Variations
• Disabling PKCE
• Implicit Grant Type
• Password Credentials Grant Type
• Client Credentials Grant Type
• Performing the Redirect within OnPreHTTP
• Passing Request Objects as JWTs
• Calling Other Endpoints of the Authorization Server
• Using an InterSystems IRIS Web Application as an OAuth 2.0 Resource Server
• Prerequisites for the InterSystems IRIS Resource Server
• Configuration Requirements
• Code Requirements
• Examining the Token(s)
• Variations
• Using InterSystems IRIS as an OAuth 2.0 Authorization Server
• Configuration Requirements for the InterSystems IRIS Authorization Server
• Code Customization Options and Overall Flow
• Implementing the Custom Methods for the InterSystems IRIS Authorization Server
• Details for the %OAuth2.Server.Properties Object
• Locations of the Authorization Server Endpoints
• Creating Client Definitions on an InterSystems IRIS OAuth 2.0 Authorization Server
• Rotating Keys Used for JWTs
• Getting a New Public JWKS from a Client
• Creating Configuration Items Programmatically
• Creating the Client Configuration Items Programmatically
• Creating the Server Configuration Items Programmatically
• Implementing DirectLogin()
• Certificates and JWTs (JSON Web Tokens)
• Using Certificates for an OAuth 2.0 Client
• Using Certificates for an OAuth 2.0 Resource Server
• Using Certificates for an OAuth 2.0 Authorization Server
• Working with JWT Headers
• Adding Header Values (Authorization Server)
• Adding Header Values (Direct JWT Generation)
• Processing JWT Headers