Sergey Beryozkin created FEDIZ-172:
--------------------------------------
Summary: OIDC DataProvider should support client_credentials
clients
Key: FEDIZ-172
URL: https://issues.apache.org/jira/browse/FEDIZ-172
Project: CXF-Fediz
Issue Type: Improvement
Components: OIDC
Reporter: Sergey Beryozkin
Fix For: 1.3.1
OAuth2 Client Credentials (https://tools.ietf.org/html/rfc6749#section-4.4) is
a simplest way for OAuth2 machine clients to request the access token.
For example, instead of the machine client authenticating with STS first and
then using the received assertion to authenticate against OAuth2
AccessTokenService and use client_credentials to get an access token it is much
simpler for such a client to simply authenticate directly with the
AccessTokenService:
https://tools.ietf.org/html/rfc6749#section-4.4.2
In this case the step involving the client authenticating with STS will be done
by AccessTokenService.
Both approaches are equivalent but the latter is simpler for the client and
makes the client code OAuth2-portable.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
