Skip to content

Authentication and Authorization - Overview

Introduction to OAuth 2.0 / OpenID Connect

OpenID Connect (OIDC) and OAuth 2.0 are the preferred specifications to provide end user authentication and ensure secure service-to-service communication for applications running on the platform.

In short, OpenID Connect is used to delegate end user authentication to a third party (e.g. Azure AD), while the OAuth 2.0 protocol can provide signed tokens (JWT) for service-to-service communication.

As OAuth 2.0, OpenID Connect, and the variety of "flows" within those specifications can be complex and "large", we aim to reduce the cognitive load on the common developer by providing a guide and blueprints for the most common scenarios in NAV.

Info

Please consult the NAV Security Guide (internal access required) for details on the usage of these specifications and protocols within NAV. This guide also includes details and examples on how to do AuthNZ against legacy apps that are not yet part of the security model discussed here.

Citizen-facing applications

See ID-porten and TokenX

Employee-facing applications

See Azure AD