Authentication with External Identity Providers

This section describes how AuthService performs authentication for client requests that use an access token from an external Identity Provider (such as PingID). AuthService supports two ways for doing so:

  • Using an Opaque Token: AuthService will validate this token by sending it to the Identity Provider for verification.
  • Using a JSON Web Token (JWT): AuthService will locally validate this token, by checking its signature and expiration date.

What’s Next

Choose one of the following options, based on the type of your Identity Provider token.

This section describes how you can authenticate a client using an opaque token issued by an external Identity Provider.

This section describes how you can authenticate a client using a JWT issued by an external Identity Provider.