Application Integration through OpenID Connect / OAuth 2.0 #860
FerdinandvHagen
started this conversation in
Ideas
I would like to propose using the OIDC/OAuth 2.0 flow for the session flow / integration with applications instead of the current JWT-based flow - or as a basis for the development of a new session flow as announced in this comment. In contrast to #782, this is not about adding general OIDC/OAuth 2.0 capabilities to log in users - but about using OIDC/OAuth 2.0 as the underlying protocol flow for applications to authenticate users through Hanko. For those familiar with OIDC/OAuth 2.0 - essentially making Hanko an OIDC OpenID Provider under the OIDC spec.
Zitadel uses this process and it makes for very simple integration with applications as most languages/frameworks support OIDC/OAuth2.0 out of the box. An explanation of the process and how Zitadel handles this can be found here.
I would expect that any custom session management / application integration process will eventually become very similar to OIDC/OAuth2.0 anyways - and as already discussed in #246 the current usage of a JWT for session management is at least debatable - if not discouraged.
To make implementation easy, Zitadel has open-sourced the OIDC/OAuth2.0 server implementation (GoLang). An example of how to use the library can be found here.