Skip to content

Backend to Backend

The Backend Module calls the API provided by the Resource server directly. The Backend Module is responsible for an authentication itself with the IAM Authorization Server and it uses the confidential client to access the IAM Authorization Server. The OAuth2.0 Client Credentials grand is used, where an Access Token is issued based on client ID and client Secret authentication. The Backend Module manages and uses Tokens for API access.

diagram

  1. The Backend Module requests an Access and Refresh Tokens from the IAM Server by calling the standard Oauth2 Token endpoint (/token) .
  2. The IAM Server returns Tokens to the Backend Module which stores Tokens.
  3. The Backend Module calls the underlying Service APIs with Access Token.