Integrated Application

tags :

In OAuth2 #

This usually refers to an application that is integrated with an identity provider (IdP) or authorization server for authentication and authorization purposes.

• It’s often registered with the IdP and given credentials (like a client ID, and possibly a client secret) to participate in OAuth flows (OAuth flow types).

Observation #

• OAuth2 leverages the Browser’s capability to redirect to another URL.
• Client (public) redirects to integrated application (which interact with IdP securely) for authentication
• After the authentication the user is redirected by to the client with Authorization Code

Types of Integrated Application in IAM in OCI #

• Application Catalog

  Add an application from the Application Catalog.

  Choose from a collection of partially configured application templates for popular Software as a Service (SaaS) applications, such as Amazon Web Services and Google Suite. Using the templates, you can define the application, configure SSO, and configure provisioning.

• SAML Application

  Create an application that supports SAML for single sign-on.

  Create a Security Assertion Markup Language (SAML) application that allows users to use single sign-on (SSO) to access your software as a service (SaaS) applications that support SAML for SSO.

• Mobile Application

  Create a mobile/single-page application that uses OAuth 2.0.

  Mobile applications are hosted directly on the resource owner’s browser, machine, or mobile device. An example of this type of application is an Android or iPhone application. A mobile application can run in multiple environments outside of your control. Because these environments are not trusted, this type of application has reduced integration options. These applications cannot maintain the confidentiality of their client secret.

• Confidential Application

  Create a web-server/server-side application that uses OAuth 2.0.

  A confidential application is accessed by multiple users and hosted on a secure and protected server. Applications that can protect their OAuth client ID and client secret are called confidential applications. These applications typically run on a server and can maintain the confidentiality of their client secret.

• Enterprise Application

  Create a web application that is protected by the App Gateway.

  Enterprise applications are web applications that require App Gateway to integrate with an identity domain for authentication purposes. Oracle App Gateway passes HTTP headers to the applications after authenticating and authorizing the user’s access.