Image: http://www.internet-technologies.ru/uploads/articles/201311/potok-veb-servera-270413.jpg

I apologize for a possibly stupid question, but I had a problem understanding OAuth. Please tell me why, in all tutorials, the OAuth architecture is depicted in such a way that the Resource Server and the Authorization Server are two different entities. Is this fundamentally true, or can they be combined into one?

    1 answer

    This protocol allows one application (service) to issue rights to access user resources on other services. There can be more than one resource. Having obtained the rights, you immediately have access to all services without authorization.

    For example, you log in to VKontakte and get access to services like photos, videos, audio recordings, etc.

    Additionally, you can read

    In principle, the resource server and the authorization server can be on the same machine (server), but this is bad practice and scales poorly.
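The separation discussed above, as an added example that is not part of the original answer: one authorization server issues a token, and several independent resource servers validate it without ever handling the user's credentials. The class names, the demo key and the HMAC-signed token format are assumptions made for illustration; production deployments typically use asymmetrically signed tokens or token introspection, so that a resource server cannot mint tokens itself.

```python
import base64, hashlib, hmac, json, time

def _b64(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

class AuthorizationServer:
    """Authenticates the user (omitted here) and issues access tokens."""
    def __init__(self, key):
        self._key = key

    def issue(self, user, scopes, ttl=300):
        claims = {"sub": user, "scope": scopes, "exp": int(time.time()) + ttl}
        body = _b64(json.dumps(claims).encode())
        sig = hmac.new(self._key, body.encode(), hashlib.sha256).digest()
        return body + "." + _b64(sig)

class ResourceServer:
    """Holds user data; never sees passwords, only validates tokens."""
    def __init__(self, key, required_scope):
        self._key = key
        self.required_scope = required_scope

    def handle(self, token):
        try:
            body, sig = token.split(".")
            expected = hmac.new(self._key, body.encode(), hashlib.sha256).digest()
            if not hmac.compare_digest(expected, _unb64(sig)):
                return 401, "bad signature"
            claims = json.loads(_unb64(body))
        except (ValueError, TypeError):
            return 401, "malformed token"
        if claims["exp"] < time.time():
            return 401, "expired"
        if self.required_scope not in claims["scope"]:
            return 403, "insufficient scope"
        return 200, f"{self.required_scope} of {claims['sub']}"

KEY = b"constructed-demo-key"  # constructed sample value, not a real secret
auth = AuthorizationServer(KEY)
photos = ResourceServer(KEY, "photos")   # each of these can run on its own host
audio = ResourceServer(KEY, "audio")
video = ResourceServer(KEY, "video")

def demo():
    # One login, one token, several services; video was not granted.
    token = auth.issue("alice", ["photos", "audio"])
    return [rs.handle(token) for rs in (photos, audio, video)]
```

Combining both roles on one host would mean every resource service also carries the login and token-issuing code, which is the scaling problem the answer refers to.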