Authorisation Servers
Add OAuth authorisation servers enabling Data Receivers to discover the configuration of your server, register their client applications, and get access tokens for API access.
In Raidiam Connect, Organisations add their OAuth Authorisation Servers to enable the Data Receivers to easily discover the server's configuration, register their client applications, and get access tokens for API access.
If the underlying Registration Framework is configured to act as an OpenID Federation, the client does not have to be registered by the Data Receiver as the responsibility to register clients lays solely on the Data Provider's Authorisation Server's side.
An OAuth Authorisation Server, sometimes referred to as OpenID Provider, is a system that issues access tokens to client applications after successfully authenticating the user and obtaining their authorization. It acts as an intermediary between the client application and the resource server (Data Provider's APIs), ensuring that access to protected resources is granted securely and based on the resource owner's consent.
The Organisation's Authorisation Server handles requests for tokens, validates credentials, manages scopes, and maintains security policies enabling secure delegated access across different applications and services.
Authorisation Server Object
Most of the information and URIs to be configured for the Authorisation Server
are used mainly for the discovery of the Server by the customer that consents to
share their data. On a more technical level, client applications mainly use the
OpenID discovery
document URI, also known as the server's /.well-known endpoint. This URI
contains most of the information needed for a Data Receiver's Application to
interact with the server.
| Field | Description | Example |
|---|---|---|
| Customer friendly server name | Defined by the brand. Name shown to the receptor, add the name without abbreviations so that it can be recognized by the customer that will consent to share data. Maximum of 256 characters | Raidiam server |
| OpenID discovery document URI | The URI that points to the OpenID discovery document. | https://auth.sandbox.raidiam.io/.well-known/openid-configuration |
| Payload signing certificate URI | Location of the signature certificate URI | https://raidiam.com/payload-uricertificate |
| Customer friendly logo URI | Define the brand logo URI, for more information see the logo details below | https://raidiam.com/logo.svg |
| Developer Portal URI | URI developer portal | https://developers.raidiam.com |
| Terms of service URI | Location of the terms of service URI | https://raidiam.com/tos |
| Notification webhook endpoint | Endpoint of the webhook notification - Note this endpoint will need confirmation - visit the url sent to endpoint within 3 days to confirm subscription This URI is optional and allows the server to receive notification in case any relevant information on Connect is added or updated | webhook.site/97askmbf-c320-4982-b0ff-f7728893aa |
| Description | 1. Character limit: 256 characters 2. Description cannot have links 3. Required items in the description: Description of the brand, with additional information so the citizen knows what to choose without doubts. 4. Guidance on what it can contain: Organisation introduction text Start date of the institution Institution differences Contact channels | This is where you can describe your brand, bringing any additional information to help the citizen make the right choice. |
What's Next
- Learn about API Resources you can add as a Data Provider.
- Add Authorisation Server.
- Manage APIs for Discovery and Integration.
