Client Id & Client Secret

Mar 19, 2015 at 3:11 PM
This implementation is authenticating against our existing AD server. So where does my user get the Client Id & Client Secret from? Do I have to write some kind of OpenId provider to associate client id & secret for each user? If it is so, don't I loose the advantage of authenticating against AD?

Thanks.
Coordinator
Mar 19, 2015 at 3:24 PM
Edited Mar 19, 2015 at 3:28 PM
You need to use this application if you have a third external service that does not have access to Active Directory (for example a web server application). In this way the Oauth Server can act as a bridge between your internal AD and the external service for authentication. The Client ID and Client Secret are saved in the third service and not in the client. Oauth server can serve different external application and for each one you define a Client Id e a Client secret.
Client Id and Client Secret are used to trust external application, not end users.
Marked as answer by rjv_rnjn on 3/19/2015 at 12:52 PM
Mar 19, 2015 at 7:18 PM
rciot wrote:
Client Id and Client Secret are used to trust external application, not end users.
That makes it clear. Thank you for the clarification and quick response.