Integration
The Connect2id server offers a set of powerful interfaces for plugging in your enterprise data sources, branded UI/UX and business / authorisation logic. These can be:
- Web interfaces – For maximum flexibility, based on REST and JSON;
- Java Service Provider Interfaces (SPI) – For maximum performance with Java- based modules; may be implemented as connectors to a web service for additional flexibility.
| Interface | Type | Purpose |
|---|---|---|
| Authorisation session | web | Integrate your branded login page (UI), your subject (end-user) authentication methods and your business / authorisation logic for setting the claims and scopes of the issued ID and access tokens. |
| Direct authorisation | web | Create SSO sessions and obtain ID / access tokens directly, without any end-user interaction. Can be used to federate external identity providers, such as business partners and social logins from Facebook, Twitter, etc. |
| Authorisation store | web | Query, update and revoke issued OAuth 2.0 / OpenID Connect authorisations as well as the associated access and refresh tokens. |
| Subject session store | web | Query, access and manage the SSO sessions of subjects (end-users) with the Connect2id server. |
| Claims source | SPI | Integrate OpenID Connect claims sources, such as LDAP directories, SQL databases and HR management systems. |
| Password grant handler | SPI | Plug in your own authorisation logic for handling OAuth 2.0 resource owner password credentials grants. |
| Client credentials grant handler | SPI | Plug in your own authorisation logic for handling client OAuth 2.0 credentials grants. |