Use Cases
The Buypass OpenID Provider can be used in several different use-cases. Below are some common use-cases described and documented with some simple examples.
Authorizing API access using Client Credentials
In short, this is authentication of a client only (no end-user involved). The client retrieves an Access Token and uses this as a Bearer token (HTTP Header) to be granted access to an API. Hence, the client operates only on behalf of itself.
TODO: link to example code project
Authorizing API access using a end-user OIDC Access Token
In this case, the application calls a service/API on behalf of itself AND an end-user. The client retrieves an Access Token and uses this as a Bearer token (HTTP Header) to be granted access to an API. The Access Token is issued to the client on behalf of the end-user.
TODO: link to example code project