form_post sends the token response as a form post instead of a fragment encoded redirect.id_token token requests an identity token and an access token (both resource and identity scopes are allowed).token requests an access token (only resource scopes are allowed).must exactly match one of the allowed redirect URIs for that client.You either use a web browser or a web view to start the process.
WHAT IS IDENTITY API SCOPE APPROVAL UI CODE
The authorization endpoint can be used to request either access tokens or authorization codes (implicit and authorization code flow). The implicit flow is used when a client-side application (typically a JavaScript app running in the browser) needs to access an API directly rather than via its back-end server. The server flow allows the back-end server of an application to verify the identity of the person using a browser or mobile device. The most commonly used approaches for authenticating a user and obtaining an ID token are called the server flow and the implicit flow.
ID tokens are a standardized feature of OpenID Connect designed for use in sharing identity assertions on the Internet. In order to authenticate a user, you must obtain an ID token and validate it. To define your redirect URI, navigate to the My Account page within the eSD GURU API website and enter the destination in the corresponding field. The redirect URI determines the destination where eSchoolData sends responses to your application’s authentication requests. For future reference, your application’s Client ID and Client Secret can be accessed from the My Account page within the eSD GURU API website. Once an account has been created for your application, the district will provide you with a Client ID and Client Secret, which will be needed to access the eSD GURU API website and developer tools, authenticate users, and gain access to the API.
If you want to explore this protocol interactively, we recommend the eSchoolData OAuth 2.0 API Explorer.īefore your application can use eSchoolData's OAuth 2.0 authentication system for user login, you must complete the following steps:ĮSchoolData districts must authorize access to the eSD GURU API by provisioning accounts for approved vendors. The documentation found in Using OAuth 2.0 to Access eSchoolData APIs also applies to this service. This document describes our OAuth 2.0 implementation for authentication, which conforms to the OpenID Connect specification. ESchoolData's OAuth 2.0 APIs can be used for both authentication and authorization.
0 kommentar(er)
