Jackson as a Separate Service #2468
-
|
The documentation for SSO with Jackson describes two options for usage: Separate Service, or embedded via npm In the 'Separate Service' scenario, it is not clear to me how the downstream web application (in our case a NextJS WebApplication, using NextAuth) gains access to the user profile information. Given that all the authentication processing takes place in the separately hosted Jackson Service, how is the authenticated user profile then accessed? Apologies if I am asking a question that should be obvious from the documentation. Any pointers here are much appreciated! Thanks in advance |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
|
It's part of the OAuth 2.0/OIDC flow between your web app and us, starts with authorize and ends with exchange of the code we call you back with for an access token and then userprofile. |
Beta Was this translation helpful? Give feedback.
-
|
To put it another way, we wrap the SAML SP login flow with an OAuth 2.0 flow. |
Beta Was this translation helpful? Give feedback.
-
|
OK, @deepakprabhakara, so the actors and relationships are essentially something like this?
If so, got it. Thanks for the clarification, and I'll mark the above as the answer. |
Beta Was this translation helpful? Give feedback.
-
|
@jamshally That's correct |
Beta Was this translation helpful? Give feedback.
It's part of the OAuth 2.0/OIDC flow between your web app and us, starts with authorize and ends with exchange of the code we call you back with for an access token and then userprofile.