IBM Tivoli Federated Identity Manager, Version 6.2.2.7
OAuth reference
This topic contains references about the enforcement points
and their custom properties, external authorization service (EAS)
stanzas, and HTML template pages for both. This topic applies to both
OAuth 1.0 and OAuth 2.0.
OAuth STS Interface for Authorization Enforcement Points
Use the WS-Trust interface to directly contact an OAuth
Security Token Service (STS) trust chain in Tivoli Federated
Identity Manager to validate a request
for an OAuth protected resource. An OAuth enforcement point intercepts
requests for OAuth protected resources. The OAuth enforcement point
also validates the request with Tivoli Federated
Identity Manager, and passes the request
through, if it is valid. If the request is not valid, the enforcement
point denies access to the protected resource.
OAuth 1.0 template page for consent to authorize
The OAuth server uses this page
to determine
and store user consent information about which OAuth clients are authorized
to access the protected resource. This page also indicates which scope
is requested by the OAuth client.
OAuth 1.0 template page for response
Use this HTML page when the callback
URI is
set to oob in the request for temporary credentials
or in the partner registration.
OAuth 1.0 template page for errors Tivoli Federated
Identity Manager uses
a generic error template page to show detailed text information when
an error occurs in an OAuth 1.0 flow.
OAuth 2.0 template page for consent to authorize
The authorization server uses this page to
determine and
store user consent information about which OAuth clients are authorized
to access the protected resource. This page also indicates scopes
that the OAuth client requests.
OAuth 2.0 template page for response
Use this HTML page to show the authorization
code of an
OAuth client that did not specify a client redirection URI upon partner
registration.
OAuth 2.0 template page for errors Tivoli Federated
Identity Manager uses
a generic error template page to show detailed text information when
an error occurs in an OAuth 2.0 flow.