OpenID Connect Support in Cloud is Here!
admin 149 2025-01-02 编辑
OpenID Connect support just went live on Cloud!
So let’s talk about how openID connect support works with – cause it’s pretty cool.
You can now take JSON Web Tokens generated by OpenID Connect-compatible Identity Provider (id_tokens
, in OIDC parlance) and point them at your -Cloud-Managed API, will then jump through hoops to make your life easier:
First, we validate the token:
- Is the token a valid jwt?
- Is the token issued by a known OP?
- Is the token issued for a known client?
- Is the token valid at the time (‘not use before’ and ‘expire at’ claims)?
- Is the token signed accordingly?
Then, we apply some rules:
- For this client ID, is there an associated token policy?
- Is there an underlying identity (the user ID of the bearer of the token)
- Generate an internal representation of that user, so they can be identified across JWT’s and Clients
- Apply the policy template to that identity (that’s your access control, throttling and quota’s)
- Generate some useful meta-data for your analytics
- Let the request go on
You can, if you are so inclined, even have the bearer rate-limited differently depending on their source, so if they came from your free client, then they get low access, but if they use your enterprise version, they get super-fueled access. It’s as easy as flipping a switch in your API configuration.
What does this mean?
It means that you do not need to integrate with at all, or even have generate tokens for you, token generation and control can rest entirely with your IDP’s using the OIDC standard, and point them at your Cloud instance. All you need to do is decide which issuers, and which of their registered clients to allow through, and set which policies and rules to set for those clients.
That means Mitre, Google+, Auth0 and any other Single-Sign-On provider that can handle Open ID Connect tokens is now compatible with Cloud.
But Wait, I’m an on-prem user! I want OIDC Too!
Well, you won’t have to wait long – we’re going to be pushing a release very soon with this feature because we think it’s so awesome. If you are extremely impatient, it will be live in our nightlies very shortly.
Create, secure & test APIs
Share with your network
OpenID Connect Support in Cloud is Here!
How to Use Postman Online for API Testing and Development
How to Use Postman Online for Efficient API Testing
推荐阅读
-
Navigating the Challenges of Alpha Vantage API Call Limits Effectively
-
Navigating the Intricacies of Instagram API Call Limit for Developers
-
Navigating the Yahoo Finance API Call Limit for Optimal Data Access
-
Navigating the Spotify API Call Limit Challenges for Developers
-
Mastering Alpaca API Calls Limit for Efficient Algorithmic Trading
-
Unlocking the Future of Entertainment: How AI and API Integration are Revolutionizing Content Creation
-
Unlocking the Schwab Trader API Developer Portal for Trading Success
-
Understanding the Binance API Call Limit for Effective Trading Strategies
-
Unlocking the Wells Fargo API Developer Portal for Seamless Banking Integration
-
Understanding the Dropbox API Call Limit for Seamless Integration
热门文章
-
Navigating the Challenges of Alpha Vantage API Call Limits Effectively
-
Navigating the Intricacies of Instagram API Call Limit for Developers
-
Navigating the Yahoo Finance API Call Limit for Optimal Data Access
-
Navigating the Spotify API Call Limit Challenges for Developers
-
Mastering Alpaca API Calls Limit for Efficient Algorithmic Trading
-
Unlocking the Future of Entertainment: How AI and API Integration are Revolutionizing Content Creation
-
Unlocking the Schwab Trader API Developer Portal for Trading Success
-
Understanding the Binance API Call Limit for Effective Trading Strategies
-
Unlocking the Wells Fargo API Developer Portal for Seamless Banking Integration
-
Understanding the Dropbox API Call Limit for Seamless Integration
最新文章
-
Traefik IoT Deployment Maximizes Efficiency for Smart Cities
-
Traefik Mobile Deployment Revolutionizing Load Balancing for Scalable Solutions
-
Traefik macOS Deployment Success with Essential Steps for Mastering Cloud
-
Unlocking the Power of LLM Proxy and Community-Driven Development
-
Unlocking Potential with LLM Proxy Open-Source Alternatives for Efficiency
-
Traefik Linux Deployment for Optimizing Microservices Architecture
-
Navigating LLM Proxy Compliance Frameworks for Responsible AI Use
-
Traefik Windows Deployment and Mastering Traefik on Windows for Seamless Microservices
-
Unlocking Efficiency in AI Solutions with LLM Proxy Multi-Tenancy Architecture
-
Traefik Cross - Platform Deployment Maximizes Your Deployment Efficiency