OAuth 2 SSO overview

The OAuth 2.0 authorization framework enables an application to access protected resources on behalf of a user without storing a password.
OAuth 2.0 defines four roles:
  • Resource owner: The user who authorizes an application to access their account or protected resources (REST APIs).
  • Resource server: The server hosting the protected resources (REST APIs). In this case, it is Alfresco Process Services.
  • Client: The application you build, which makes requests for protected resources (REST APIs) on behalf of the resource owner. Before it can do so, it must be authorized by the resource owner.
  • Authorization server: The server that issues access tokens to the client after successful authentication against Ping Identity, Azure Identity Services, or Site Minder.

OAuth 2 SSO support in Alfresco Process Services introduces a new set of components that allow developers to leverage the Alfresco REST APIs using OAuth 2 authorization.

The addition of OAuth 2 in Alfresco Process Services is the first step towards a single standards-based authorization and identity service across the Alfresco Digital Business Platform. Using OAuth, you can have:
  • A standards-based authorization infrastructure to integrate applications and solutions that use the Alfresco Process Services REST APIs with other enterprise applications that use OAuth.
  • Configurable integration with OAuth authorization servers that can issue OAuth 2 tokens, such as Ping Identity, Azure Identity Services, or Site Minder, with support for custom and JWT tokens.
  • A unified OAuth 2 stack to facilitate OAuth 2 SSO for ADF and other applications across both Alfresco Process Services and Alfresco Content Services.