Glossary

A

Access Token

An Access Token is a piece of data that represents the authorization to access resources on behalf of the end-user. The access token is typically in the form of a JSON web token (JWT).

Authorization Server

Server that authenticates the Resource Owner and issues access tokens after getting proper authorization.

Auto-linking

The process of automatically associating an external identity provider with a user. It can be used to associate more than one identity provider with a user account and/or to remove the need to send an invitation to a user.

Auto-provision

The process of automatically creating a user based on information from an external identity provider, which removes the need for any manual administration of users.

C

Claim

A statement (for example a name or an email address) about an entity (typically the user). Here is a list of supported claims.

Client

Application requesting access to a protected resource on behalf of the Resource Owner.

I

Identity Provider or Identity Server

Server that identifies an entity (typically the user) and issues tokens after proper authentication.

J

JSON web token (JWT)

JWTs contain claims (for example a name) about an entity (typically the user) plus some extra metadata.

L

Linked users

Linked users are users in different tenants where all of them will get the same sub claim (unique identifier).

O

OAuth 2.0

OAuth 2.0 is a protocol used to access HTTP resources (APIs) on behalf of the user (resource owner) without sharing the user’s credentials.

OpenID Connect

OpenID Connect (OIDC) is an identity layer on top of OAuth 2.0 that makes it easy to verify a user’s identity and retrieve basic information about the user from the identity provider.

R

Resource Owner

Entity that can grant access to a protected resource. Typically, this is the end-user (User).

Resource Server

Server hosting the protected resources. This is the API you want to access.

T

Tenant

The (mother) organization that a user belongs to.