Components

OAuth Actors

oauth_actors.png

Resource Owner

resource_owner.png

Client

client.png

OAuth Server

oauth_server.png

  1. Login - it could be:
    1. A simple login page which accept username and password and verify them against the credential database
    2. Enterprise Single Sign-On (SSO) which verify credential against Active Directory
  2. Consent Server - which get the consent of resource owner to provide access to the client for the listed resources
  3. Token database - a technical database storing token values and attributes

Both login and consent happen in the Authorization Endpoint.

OAuth Endpoints