Regular web applications
General information
Regular web application (WEB) indicates a traditional web application with most of the logic happening on the server side.
Applied technologies include Java, .NET or PHP.
Web application protocol types
OAuth 2.0 / OIDC
OAuth 2.0 is an authorization framework through which a user grants a third-party application or client access to a protected resource. OIDC is an identity layer on top of OAuth 2.0 through which clients obtain basic profile information about users.
Your application may use either the basic Authorization Code flow or the more secure Authorization Code with PKCE flow.
Use the Refresh Token flow to request new tokens without user interaction.
SAML
SAML is an open standard that handles authentication flows between Identity Providers and Service Providers (SP). SAML improves user experience and increases security because the user only needs to sign in once to access several SPs.
For more information on how Identity Cloud uses SAML, see SAML 2.0 endpoints.
Web application attributes
Identity Cloud uses the following attributes for regular-web applications:
OAuth 2.0/OIDC web application attributes
In the case of Protocol type OAuth 2.0/OIDC, the following attributes are used:
- Client ID
- Client secret
- Allowed return URIs
- Access token lifetime
- ID token lifetime
- Refresh token lifetime
- Authorization endpoint
- Token endpoint
- Metadata endpoint
- Identity Cloud issuer
- Identity Cloud signer certificate
SAML web application attributes
In the case of Protocol type SAML, the following attributes are used: