Which Grant, Which Identities – Back from RSA
The Integration Zone is brought to you in partnership with Red Hat. Download the IDC Report: The Business Value of Red Hat Integration Products to learn more about Red hat Integration.
- From the inside, by internal applications that do not act on behalf of a particular subscriber but from the provider’s perspective
- From the outside, by applications that act on behalf of individual subscribers
OAuth 2.0 provides 4 core grant types that address different situations. In the case of the example described above, you could use the client creds grant type for the first type of access. It should be possible to permit different scopes to different client ids. The internal client ids would be allowed to request wider scopes. For the second type of consumption, the external one, any of the other 3 grant types could be applicable.
Hope to see you at RSA next year.