Authentication [VF 20.2 IG]
Description
VidiFlow uses OpenID Standards as the centralized authentication mechanism. As OpenID incorporates Oauth2, all of the UIs and APIs are protected by the OAuth2 authentication. Currently, VidiFlow mainly uses 2 main authentication flows:
Implicit, which mainly used by web UI applications.
Client Credentials, which mainly used by backend services.
Please Note: OpenId also supports multiple different flows for authentication, but VidiFlow uses the above mentioned flows only.
Every web request to one of the APIs must be authorized by supplying an access token in the authorization header, such as the example provided below:
EXAMPLE of Authorization Header Containing Access Token
Authorization: Bearer XXXXXXXeyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjRhQUFtWVdVWFJHU2pIUWk5RzVLcHdoclU4TSIsImtpZCI6IjRhQUFtWVdVWFJHU2pIUWk5RzVLcHdoclU4TSJ9.eyJpc3MiOiJodHRwOi8vZHYtcGxhdGZvcm0tcWExOjE5MDgxL0ludGVncmF0aW9ucy9BdXRoZW50aWNhdGlvbi9jb3JlIiwiYXVkIjoiaHR0cDovL2R2LXBsYXRmb3JtLXFhMToxOTA4MS9JbnRlZ3JhdGlvbnMvQXV0aGVudGljYXRpb24vY29yZS9yZXNvdXJjZXMiLCJleHAiOjE1MDQ2OTU0ODUsIm5iZiI6MTUwNDY5MTg4NSwiY2xpZW50X2lkIjoid29ya2Zsb3dfZW5naW5lIiwic2NvcGUiOiJhcGkxIn0.F9WGg7ywVc0EKM8wCWqHb48oz_OhsTYZUapIFYvwwUiZ-P5rU1RgQ0bYrqL6gnSknvM4CvyZsp9uQqB0eniiwCpOAXgvYCCWl2YOMc2Z7fGiFidmjjeMMPXQEZ2854lzeyGh9PoBJokAL8X6V8d9HetJiqwEIF2rMOX92yLUII6oL09yZvAx1UkKsXuW_dIqlap9xamRuh4wMGGvK6YRRWdGDPZo0DDjHDm4iuqi7iGm732pewZETwb0lkrbOHHYPKPygkprkR7NqX379i2Ntmx0AD-3UXVhudPE0Fgj6G1X8un3p-O33Ac52I_MPrXnQnZa26knoJPNrc_LtD3wTg