Integration interfaces

The Connect2id server offers a set of powerful interfaces for plugging in your enterprise data sources, branded UI/UX and business / authorisation logic. These can be:

  • Web interfaces -- For maximum flexibility, based on REST and JSON;
  • Java Service Provider Interfaces (SPI) -- For maximum performance with Java- based modules; may be implemented as connectors to a web service for additional flexibility.
Interface Type Purpose
Authorisation session web Integrate your branded login page (UI), your subject (end-user) authentication methods and your business / authorisation logic for setting the claims and scopes of the issued ID and access tokens.
Direct authorisation web Create SSO sessions and obtain ID / access tokens directly, without any end-user interaction. Can be used to federate external identity providers, such as business partners and social logins from Facebook, Twitter, etc.
Authorisation store web Query, update and revoke issued OAuth 2.0 / OpenID Connect authorisations as well as the associated access and refresh tokens.
Subject session store web Query, access and manage the SSO sessions of subjects (end-users) with the Connect2id server.
Claims source SPI Integrate OpenID Connect claims sources, such as LDAP directories, SQL databases and HR management systems.
Password grant handler SPI Plug in your own authorisation logic for handling OAuth 2.0 resource owner password credentials grants.
Client credentials grant handler SPI Plug in your own authorisation logic for handling client OAuth 2.0 credentials grants.