OAuth Authorization Servers
SecureAuth provides a built-in OAuth authorization server in every workspace. Use it to authenticate users, manage app permissions, and issue access tokens. Each workspace has its own authorization server instance that you can configure to your requirements.
SecureAuth OAuth server capabilities
OAuth authorization server built into every workspace. This means you can set up a secure, scalable authorization server without separate infrastructure.
Multiple workspace profiles. Choose a workspace profile that matches your needs. For example, SecureAuth offers profiles pre-configured for Open Banking standards. You can also customize the configuration to match your specific requirements.
Standards compliance. SecureAuth supports many OAuth and OIDC Open Standards and is certified in different conformance profiles, so you can adjust your authorization server to meet business and regulatory requirements.
How OAuth authorization works
The following sequence diagram shows how a user grants an app permission to access their data through an authorization server:
View OAuth authorization sequence
Get started
- Create OAuth authorization server
- Add applications for user authentication or to enable your software to access protected resources
- Add M2M clients for calling APIs in machine-to-machine environments
Configure your server
- Configure authorization flows and grant types that your client applications can use
- Configure client authentication methods that applications use to authenticate to your server
- Configure tokens issued by your authorization server
- Configure the consent screen that users see when granting app permissions
- Set up authentication context to define the common schema for user data from different identity sources
Advanced configuration
- Enable OAuth Dynamic Client Registration to allow apps to self-register with your authorization server
- Configure access control policies to validate user attributes and enforce fine-grained authorization rules before issuing access tokens