AuthN & AuthZ
Introduction to OAuth 2.0 / OpenID Connect
OpenID Connect (OIDC) and OAuth 2.0 are the preferred specifications for end-user authentication and for securing service-to-service communication between applications running on the platform.
In short, OpenID Connect is used to delegate end-user authentication to a third party (e.g. Azure AD), while the OAuth 2.0 protocol can provide signed tokens (JWT) for service-to-service communication.
NAV-specific Security Guide
Because OAuth 2.0, OpenID Connect, and the variety of "flows" within those specifications can be complex and "large", we aim to reduce the cognitive load on developers by providing a guide and blueprints for the most common scenarios in NAV.
Info
Please consult the NAV Security Guide (internal access required) for details on the usage of these specifications and protocols within NAV.
Citizen-facing applications
Employee-facing applications
See Azure AD