Web App Authentication

  1. Within the regular web application, the user clicks Login.
  2. Auth0's SDK redirects users to the Auth0 Authorization Server.
  3. Krayons' Auth0 Authorization Server redirects the user to the login and authorization screen.
  4. After authenticating using one of the configured login options, the user may see a consent page listing the permissions Auth0 will grant to the regular web application.
  5. With Krayons' Auth0 Authorization Server, the user is redirected back to the application with an authorization code.
  6. With the application's Client ID and Client Secret, Auth0's SDK sends this code to Krayons' Auth0 Authorization Server.
  7. The code, Client ID, and Client Secret are verified by Krayons' Auth0 Authorization Server.
  8. Krayons' Auth0 Authorization Server responds with an ID Token and an Access Token.
  9. To access information, Krayons' Web APP uses the Access Token to call a Backend API.
  10. The API responds with requested data.

API Token Authentication - TBD