[Openid-specs-ab] Use Proxy to set the correct aud...
Michael Schwartz
mike at gluu.org
Mon Jun 16 20:44:02 UTC 2014
The simple answer to setting the correct aud is to use an OpenID Connect
proxy.
This is why we wrote oxProx: trust is managed between the proxy and the
OP--as it should be. Then the proxy can establish trust separately with
all the RP's the comprise your service.
We recently finished the code, and are working an an admin UI and
documentation. But for a quick overview of oxProx, you can check here:
http://www.gluu.co/oxprox-wiki
BTW, I still don't see this as a solution for API access management. For
this, I think you need UMA which defines a way for the client to request
an authorized token to present to the API server (Resource Server, or
RS). Check out the diagrams here: http://www.gluu.co/.g1k6
- Mike
-------------------------------------
Michael Schwartz
Gluu
Founder / CEO
mike at gluu.org
More information about the Openid-specs-ab
mailing list