Get the latest tech news

Identity Assertion Authorization Grant


This specification provides a mechanism for an application to use an identity assertion to obtain an access token for a third-party API using Token Exchange and JWT Profile for OAuth 2.0 Authorization Grants .

ΒΆ The example flow is for an enterprise acme, which uses a wiki app and chat app from different vendors, both of which are integrated into the enterprise's Identity Provider using OpenID Connect. This specification is constrained to deployments where all Resource Application Resource Servers are leveraging the same IdP Authorization Server for Single-Sign-On (SSO) and session management services. The IdP provides a consistent trust boundary enabling the set of Resource Application Authorization Servers to honor the JWT Authorization Grant (ID-JAG) issued by the IdP.

Get the Android app

Or read this on Hacker News