The client (using Auth0) wants to start an OAuth2 OpenID flow to get a session from our IDP (Ory) using only Auth0 sign-in.

  • Auth0 redirects to Ory, initiating an OAuth2 OpenID code flow using PKCE and a redirect URI to their server
  • Ory redirects instantly (without consent) to Auth0 with an OAuth2 code flow that opens Auth0 sign-in (where the user has his credentials) where they will set the sub
  • Once logged in, they redirect back to Ory where we recognize the sub and give a session for the designed user (because Ory trusts Auth0 to authenticate our user)
  • We redirect back to their server, and they retrieve the code to get an Ory access token. The best would be to also give them a session cookie if possible because the client using Auth0 wants to use our API (with an access token) but also integrate some webview of our platform into theirs.
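
The first and last steps of the flow above (authorization request with PKCE, then code retrieval before the token exchange), sketched as an added example that is not part of the original post. The endpoint URL, client id and redirect URI used with it are placeholders, and the function names are hypothetical; the PKCE rules follow RFC 7636 (S256).

```python
import base64, hashlib, hmac, re, secrets
from urllib.parse import urlencode, urlparse, parse_qs

VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")  # RFC 7636 code_verifier syntax

def b64url(raw):
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def new_pkce_pair():
    """Client side: fresh verifier (kept secret) and its S256 challenge (sent)."""
    verifier = b64url(secrets.token_bytes(32))  # 43 characters
    challenge = b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    return verifier, challenge

def build_authorize_url(endpoint, client_id, redirect_uri, challenge, state):
    """Client side: first-leg authorization request (code flow + PKCE)."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": "openid",
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    return endpoint + "?" + urlencode(params)

def check_callback(callback_url, expected_state):
    """Client side: accept the code only if state matches the one we sent."""
    query = parse_qs(urlparse(callback_url).query)
    state = query.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    if "code" not in query:
        raise ValueError("no authorization code in callback")
    return query["code"][0]

def verify_pkce(stored_challenge, presented_verifier):
    """Authorization-server side: check made at the token endpoint."""
    if not VERIFIER_RE.fullmatch(presented_verifier):
        return False
    computed = b64url(hashlib.sha256(presented_verifier.encode("ascii")).digest())
    return hmac.compare_digest(computed.encode(), stored_challenge.encode())
```

The verifier never leaves the client until the token request, so a code intercepted on the redirect cannot be exchanged without it.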