Using OAuth 2.0 and OpenID Connect
- Overview of OAuth 2.0 and OpenID Connect
- How InterSystems IRIS Supports OAuth 2.0 and OpenID Connect
- Supported Scenarios
- InterSystems IRIS Support for OAuth 2.0 and OpenID Connect
- Standards Supported in InterSystems IRIS
- Using an InterSystems IRIS Web Application as an OAuth 2.0 Client
- Prerequisites for the InterSystems IRIS Client
- Configuration Requirements
- Outline of Code Requirements
- Obtaining Tokens
- Examining the Token(s)
- Adding an Access Token to an HTTP Request
- Optionally Defining Delegated Authentication for the Web Client
- Variations
- Revoking Access Tokens
- Rotating Keys Used for JWTs
- Getting a New Public JWKS from the Authorization Server
- Using an InterSystems IRIS Web Application as an OAuth 2.0 Resource Server
- Prerequisites for the InterSystems IRIS Resource Server
- Configuration Requirements
- Code Requirements
- Examining the Token(s)
- Variations
- Using InterSystems IRIS as an OAuth 2.0 Authorization Server
- Configuration Requirements for the InterSystems IRIS Authorization Server
- Code Customization Options and Overall Flow
- Implementing the Custom Methods for the InterSystems IRIS Authorization Server
- Details for the %OAuth2.Server.Properties Object
- Locations of the Authorization Server Endpoints
- Creating Client Definitions on an InterSystems IRIS OAuth 2.0 Authorization Server
- Rotating Keys Used for JWTs
- Getting a New Public JWKS from a Client
- Creating Configuration Items Programmatically
- Creating the Client Configuration Items Programmatically
- Creating the Server Configuration Items Programmatically
- Implementing DirectLogin()
- Certificates and JWTs (JSON Web Tokens)
- Using Certificates for an OAuth 2.0 Client
- Using Certificates for an OAuth 2.0 Resource Server
- Using Certificates for an OAuth 2.0 Authorization Server
- Working with JWT Headers