User Authentication Concepts - Vault Vision
Typical OIDC Application to Authentication Provider Flow Strategy and Diagrams
When implementing an OIDC Application to integrate with an Auth Provider, there are six implementation flows to consider, two each for signup, login, and logout:
User starting a signup from the Application
User starting a login from the Application
User starting a logout from the Application
Auth Provider redirecting the user back to the Application with the OIDC authentication payload after a successful signup or login
Auth Provider redirecting the user back to the Application after a successful logout
Auth Provider redirecting the user back to the Application when the Auth Provider did not receive the proper login request. The Auth Provider needs to know a URL on the Application where the user can see a login button and can restart a user login request
Login Flow Diagram
Step 1
Decide the URL locations for these 3 endpoints on your website:
callback (the route on your website to which our services redirect authenticated users with an OAuth token)
Usually something like:
https://yoursite.com/callback
login (the route on your website to which we redirect unauthenticated users, so that you can redirect them back with the proper login initiation request parameters, like your client_id and callback URL)
Usually something like:
https://yoursite.com/login
This is not required, but without it we don’t know where to send a user if they bookmarked our page or followed a link to the login that did not come from your login redirect.
logout (route location on your website where we will redirect users to AFTER they have logged out and we have removed their session)
Step 2
Update the URL values in the Vault Vision Management Panel for your application.
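What the login and callback routes from Step 1 have to do, as an added example that is not Vault Vision's own code: the login route builds the initiation request with your client_id and callback URL, and the callback route rejects any response whose state does not match the session. It assumes the standard OIDC authorization code flow; `AUTHORIZE_URL`, `CLIENT_ID`, the `session` dict and both function names are hypothetical placeholders.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumed values: take the real ones from your provider's management panel.
AUTHORIZE_URL = "https://auth.example.com/authorize"  # placeholder endpoint
CLIENT_ID = "example-client-id"                       # placeholder client_id
CALLBACK_URL = "https://yoursite.com/callback"        # callback route from Step 1


def build_login_redirect(session: dict) -> str:
    """Body of the /login route: return the URL to redirect the browser to."""
    # state ties the callback to this browser session (login CSRF defence);
    # nonce comes back inside the ID token so a replayed token can be rejected.
    session["oidc_state"] = secrets.token_urlsafe(32)
    session["oidc_nonce"] = secrets.token_urlsafe(32)
    params = {
        "response_type": "code",
        "scope": "openid",
        "client_id": CLIENT_ID,
        "redirect_uri": CALLBACK_URL,
        "state": session["oidc_state"],
        "nonce": session["oidc_nonce"],
    }
    return f"{AUTHORIZE_URL}?{urlencode(params)}"


def handle_callback(session: dict, callback_url: str) -> str:
    """Body of the /callback route: validate state, return the authorization code."""
    query = parse_qs(urlparse(callback_url).query)
    if "error" in query:
        raise ValueError(f"provider returned error: {query['error'][0]}")
    expected = session.pop("oidc_state", None)  # single use: a replay finds nothing
    received = query.get("state", [""])[0]
    # Compare as bytes in constant time; a missing session state always fails.
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise PermissionError("state mismatch: send the user back to /login")
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("callback is missing the authorization code")
    # Next step (not shown): exchange the code at the token endpoint, then
    # verify the ID token signature and that its nonce equals oidc_nonce.
    return code
```

A failed state check is the case the login route exists for: the user arrived at the callback without a request your application started, so restart the flow from /login.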