Puzzel’s API security is based on OpenID Connect, OpenID Connect is a identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST -like manner.
See http://openid.net/connect/faq/ for a set of answers to Frequently Asked Questions about OpenID Connect.
|Lines||Green dotted line: server. Blue dotted line: platform. Circle, process|
|Global config file||Global configuration file that contains (encrypted) private key|
|Agent||Agent client and other clients iusing the auth service to get accesstoken|
|Auth0||3rd party service we use for SSO. Agent is redirected here for SSO authentication|
|Audiocodes||Audiocodes is the phone switch that uses the auth service to check accesstoken for users accessing softphone|
|IQ PROD||Database containing all users, their configuration and credentials. Also contains refreshtokens. Map external users towards a user id|
|DF1||Logon on with credentials or refreshtoken to receive accestoken. Only support https|
|DF2||Retrive accestoken on request. Only support https|
|DF3||Get user data and refresh token|
|DF4||logon a user, get configuration data for a user|
|DF5||Send softphone adress of user|
|DF6||Ask Introspection Response Endpoint with an accesstoken to get softphone adress of user|
|DF7||Get user claims based on an auth token|
|DF8||Send user claims|