Applications overview

Learn the core concepts of applications in SecureAuth.

What is an application?

An application in the SecureAuth CIAM platform is defined as a Client and a Service:

  • Client – An OAuth 2.0 Client or a SAML Service Provider that consumes tokens and assertions issued by the SecureAuth platform. Applications use these tokens for user authentication or service consumption.

  • Service – The OAuth 2.0 Resource Server in a SecureAuth workspace, which groups APIs into services for fine-grained access control.

Services also include microservices, which have their own identities for internal access control. Unlike resource servers, microservices do not rely on access tokens when communicating with each other.

Client application types

SecureAuth applies different default settings based on the client application type:

OAuth

| Type | Grant types | Response types | Auth method | Notes |
|------|-------------|----------------|-------------|-------|
| Single Page App | Authorization Code Flow | Code, Token, ID | None | Public client with no client secret |
| Server-Side Web App | Authorization Code Flow | Code, Token | client_secret_post | Private client |
| Mobile/Desktop App | Authorization Code Flow | Code, Token, ID | None | Public client with no client secret |
| Service App | Client Credentials Flow | Token | client_secret_post | Private client |
| Single Page (Legacy) | Implicit Flow | Token | None | Public client with no client secret |
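
What the auth method setting of the OAuth client types listed above means at the token endpoint, as an added example (not SecureAuth code). The function names are hypothetical, the parameter strings are the standard OAuth 2.0 values for the flows and methods named above, and all sample values are constructed.

```python
from urllib.parse import urlencode

# Defaults from this page's OAuth client types: type -> (grant_type, auth method).
# The strings are the standard OAuth 2.0 parameter values (an assumption of this example).
DEFAULTS = {
    "Single Page App":      ("authorization_code", "none"),
    "Server-Side Web App":  ("authorization_code", "client_secret_post"),
    "Mobile/Desktop App":   ("authorization_code", "none"),
    "Service App":          ("client_credentials", "client_secret_post"),
    "Single Page (Legacy)": ("implicit", "none"),
}

def token_request_body(app_type, client_id, client_secret=None, code=None, redirect_uri=None):
    """Build the form-encoded token request body for one client type."""
    grant, auth = DEFAULTS[app_type]
    if grant == "implicit":
        # Implicit flow returns the token from the authorization endpoint directly.
        raise ValueError("implicit flow makes no token request")
    if auth == "none" and client_secret is not None:
        # Anything shipped to a browser or device is readable by its user.
        raise ValueError("public client must not be given a client secret")
    if auth == "client_secret_post" and not client_secret:
        raise ValueError("private client needs its client secret")
    form = {"grant_type": grant, "client_id": client_id}
    if grant == "authorization_code":
        if not (code and redirect_uri):
            raise ValueError("authorization code and redirect_uri are required")
        form.update(code=code, redirect_uri=redirect_uri)
    if auth == "client_secret_post":
        # client_secret_post: the credentials travel in the POST body, not a header.
        form["client_secret"] = client_secret
    return urlencode(form)

def audit(app_type, grant, auth):
    """List the ways a client registration deviates from the defaults above."""
    want_grant, want_auth = DEFAULTS[app_type]
    findings = []
    if grant != want_grant:
        findings.append(f"grant {grant!r}, default is {want_grant!r}")
    if auth != want_auth:
        findings.append(f"auth method {auth!r}, default is {want_auth!r}")
    return findings

if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(token_request_body("Service App", "svc-demo", client_secret="constructed-secret"))
    print(token_request_body("Single Page App", "spa-demo", code="constructed-code",
                             redirect_uri="https://app.example/callback"))
    print(audit("Single Page App", "implicit", "client_secret_post"))
```
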

SAML

  • SAML Service Provider – Accepts and processes SAML assertions for authentication.

Adding applications

SecureAuth lets you add and manage applications and services:

SAML applications expose SSO login and metadata endpoints. SecureAuth protects their resources by enforcing policies such as MFA requirements.