Applications overview
Learn the core concepts of applications in SecureAuth.
What is an application?
An application in the SecureAuth CIAM platform is defined as a Client and a Service:
Client – An OAuth 2.0 Client or a SAML Service Provider that consumes tokens and assertions issued by the SecureAuth platform. Applications use these tokens for user authentication or service consumption.
Service – The OAuth 2.0 Resource Server in a SecureAuth workspace, which groups APIs into services for fine-grained access control.
Services also include microservices, which have their own identities for internal access control. Unlike resource servers, microservices do not rely on access tokens when communicating with each other.
Client application types
SecureAuth applies different default settings based on the client application type:
OAuth
Type | Grant types | Response types | Auth method | Notes |
---|---|---|---|---|
Single Page App | Code, Token, ID | Public client with no client secret | ||
Server-Side Web App | Code, Token | Private client | ||
Mobile/Desktop App | Code, Token, ID | Public client with no client secret | ||
Service App | Token | Private client | ||
Single Page (Legacy) | Token | Public client with no client secret |
SAML
SAML Service Provider – Accepts and processes SAML assertions for authentication.
Adding applications
SecureAuth lets you add and manage applications and services:
Add OAuth or SAML clients manually
Add services:
Using automatic service discovery via API gateways or service meshes
Dynamic registration – Enable developers to register apps dynamically using OAuth DCR or SecureAuth developer portals
SAML applications expose SSO login and metadata endpoints. SecureAuth protects their resources by enforcing policies such as MFA requirements.