Auth

From DreamFactory
## Overview
 
DreamFactory provides very extensive Authentication and Authorization features. Single sign-on, per-application user roles, and Role-Service access are all carefully implemented to provide a secure, robust, and scalable platform for authenticating and controlling user access to all services and resources.
 
  
DreamFactory separates administrators from other users. Every DreamFactory instance must have at least one administrator configured at installation. Administrators can log in, use the admin console, and perform API calls; they do not have roles and are not required to use API keys for access. Non-administrators are generally the users of the applications running on a DreamFactory instance. Each application has a unique API key. All non-administrator users are required to use an API key to access the system. Roles are assigned to a user on a per-application basis. This allows a single user to have different roles across different applications in the system. Each application can also have a default role assigned. If no role is assigned to a user for an application, then access is controlled by the default application role.
 
 
DreamFactory supports standard username and password based authentication, but it can also be provisioned to use most common OAuth providers and even LDAP and Active Directory.
 
 
## Authentication
 
  
 
### JSON Web Token (JWT)
 
DreamFactory uses JSON Web Token (JWT) technology at its core for authentication and session management. JWT is a simple JSON-based open standard (RFC 7519) for passing claims (session-related data) between client and server in a web environment. These claims are encrypted and tokenized using a standard format that makes them URL-safe and usable in a web browser single sign-on context. You can find more details about JWT and its implementation at the following link.

http://www.toptal.com/web/cookie-free-authentication-with-json-web-tokens-an-example-in-laravel-and-angularjs
 
 
### Standard Username/Password based Authentication
 
  

Revision as of 17:24, 18 September 2015


    1. Overview
    1. Authentication
      1. JSON Web Token (JWT)
      1. Standard Username/Password based Authentication
      1. OAuth
      1. AD/LDAP
    1. Authorization
      1. API Key
      1. Role Service Access
        1. Advanced Filters
        1. Lookups