Jump to: navigation, search

Changes


Single Sign-On

348 bytes added, 20:19, 21 November 2023
/* Architecture and flow (OIDC) */
## The content web service checks whether the {{UBIK}} session is valid.
## The content web service processes the app's request, including an interaction with a 3rd party service. For authorization, it sends along the SSO token the app provided before.
 
The above diagram explains the authorization code flow using OIDC, applied to {{UBIK}}. For SAML, the only real difference is the reception of the IdP's response at the app, which happens via a mediator server in that case, necessarily (the SAML protocol does not support redirecting the result to a mobile app).
 
[[Category:SSO|Single Sign-On]]
 
= See also =
* [[HowTo:Integrate_UBIK_in_an_SSO_Environment|How to integrate {{UBIK}} in an SSO environment]]
[[Category:SSO|Single Sign-On]]
1,620
edits