Summary of features inside WebSphere Application Server OAuth 2.0 services

The following is a summary of features within WebSphere® Application Server OAuth 2.0 services.

• WebSphere Application Server acts as an OAuth Service Provider (SP) to handle OAuth 2.0 protocol requests.
• WebSphere Application Server acts as protected resource enforcement endpoint to authorize or deny requests for deployed web resources.
• Allow multiple service providers to co-exist.
• Allow administrator to revoke access tokens.
• Allow client to revoke its authorization given by a user.
• Optionally provide a Subject for a resource application to make an authenticated downstream call or perform programmatic J2EE security.
• Support 4 typical OAuth 2.0 flows as defined in the protocol.
• Support persistent OAuth services.