OAuth 2.0 services

WebSphere® Application Server OAuth services include both OAuth authorization service and web resource authorization decision service.

OAuth 2.0 authorization service provides all OAuth 2.0 protocol endpoint URLs, and is responsible for client authorization and token issuing.

Web resource authorization decision service is a combination of standard WebSphere Application Server Java™ 2 Platform, Enterprise Edition (J2EE) security and WebSphere Application Server trusted association interceptors (TAI). When a client accesses a J2EE secured web resource, the OAuth TAI intercepts the request, validates the OAuth token, and maps the OAuth token to the WebSphere Application Server platform security subject. From then on, the client is assessed and authorized based on the authenticated subject.