Client Authentication

Clients are authenticated through reliable and robust methods designed for security and authorization:

  1. Client Secret: Clients can authenticate using a client secret to ensure secure and authorized interactions with the platform. For more details, refer to the relevant RFC. For more details, refer to OAuth 2.0 RFC 6749 Section 2.3.1.

  2. Mutual TLS with x.509 Certificate: OAuth client authentication and certificate-bound access and refresh tokens using mutual Transport Layer Security (TLS) authentication with X.509 certificates. This mechanism provides a secure method for client authentication and binding access tokens to a client's mutual-TLS certificate. For more details, refer to OAuth 2.0 RFC 8705.

These authentication methods, including mutual TLS with x.509 certificate, ensure a balanced approach to security, accessibility, and convenience for both users and clients within our platform.

Last updated