FusionAuth

    What are the different servers called in an OAuth flow?

      akira
      last edited by akira

      I want to know what the different servers involved are called in the OAuth flow using JWTs. I know one of the servers issues the JWT, and the other server validates the JWT, but I don't know what these servers are named. Can you tell me?

        akira
        last edited by akira

        The server that issues and signs the JWT is called the Authorization Server. This is what FusionAuth is, as we issue and sign the JWTs which are then presented to other servers via API calls.

        The servers that are connected to resources that a user is trying to access by first authenticating with a JWT are called Resource Servers.

        So, for example, if you have a ToDo app, where a user is trying to access a list of ToDo items, the user would first authenticate with the external IdP. Then the JWT is issued by that IdP, passed to the client, and then the client would present that JWT to the resource server to gain access to the ToDo items.

        For what it's worth, in SAML the auth server coincides with the IdP, and the resource server coincides with the Relying Party.

        1 Reply Last reply Reply Quote 0
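
The two roles described in the answer above, as an added example that is not part of the original post and is not FusionAuth's code: `issue_token` plays the Authorization Server and `validate_token` plays the Resource Server. HS256 with a shared key is used so the sketch runs on the Python standard library alone; the key, issuer URL, audience and function names are constructed assumptions.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values (assumptions, not taken from the post).
SHARED_KEY = b"demo-only-hs256-key"
ISSUER = "https://auth.example.com"
AUDIENCE = "todo-api"

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> str:
    return b64e(hmac.new(SHARED_KEY, signing_input.encode(), hashlib.sha256).digest())

def issue_token(subject: str, ttl: int = 300, now=None) -> str:
    """Authorization Server role: build the claims and sign them."""
    now = int(time.time() if now is None else now)
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": ISSUER, "aud": AUDIENCE, "sub": subject, "iat": now, "exp": now + ttl}
    parts = [b64e(json.dumps(p, separators=(",", ":")).encode()) for p in (header, claims)]
    signing_input = ".".join(parts)
    return signing_input + "." + sign(signing_input)

def validate_token(token: str, now=None) -> dict:
    """Resource Server role: verify signature and claims before serving data."""
    now = int(time.time() if now is None else now)
    try:
        head_b64, body_b64, sig = token.split(".")
        header = json.loads(b64d(head_b64))
        if header.get("alg") != "HS256":  # pin the algorithm, never trust the header
            raise ValueError("unexpected alg")
        if not hmac.compare_digest(sig, sign(head_b64 + "." + body_b64)):
            raise ValueError("bad signature")
        claims = json.loads(b64d(body_b64))  # parsed only after the signature checks out
        if claims.get("iss") != ISSUER or claims.get("aud") != AUDIENCE:
            raise ValueError("wrong issuer or audience")
        if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
            raise ValueError("expired")
    except (ValueError, TypeError, AttributeError) as exc:
        raise PermissionError(f"token rejected: {exc}") from None
    return claims
```

With an asymmetric algorithm such as RS256, the Resource Server would hold only the Authorization Server's public key and could verify tokens without being able to issue them.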