Liberty Repository[8.5.5.4 or later]
This topic applies to WebSphere Application Server Liberty V8.5.5.9 and earlier. For the latest Liberty topics, see the WebSphere Application Server Liberty documentation.

Using an OpenID Connect provider as an OAuth 2.0 authorization server

An OpenID Connect provider can be used as a normal OAuth 2.0 authorization provider to issue an OAuth 2.0 access_token, and support all OAuth 2.0 grant types.

An OpenID Connect provider supports JSON Web Token (JWT) Bearer Token as a grant for requesting an OAuth 2.0 access token, see Liberty RepositoryJSON Web Token (JWT) for OAuth Client Authorization Grants and Liberty RepositoryConfiguring an OpenID Connect Provider to accept JSON Web Tokens (JWT) for authorization grants.

If an authorization request is made with an authorization code grant or implict grant type, and if openid scope is not included or approved, the request is handled as a normal OAuth authorization request. An id_token is not issued, and an access_token and refresh_token can be issued.

An OpenID Connect provider can support OAuth authorization flow with Resource Owner Password Credentials Grant or Client Credentials Grant , see Liberty RepositoryConfiguring an OpenID Connect Provider to enable 2-legged OAuth requests.


Icon that indicates the type of topic Reference topic



Timestamp icon Last updated: Tuesday, 12 December 2017
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-libcore-mp&topic=rwlp_using_oidc_oauth_server
File name: rwlp_using_oidc_oauth_server.html