Authentication and Authorization

ObjectsGrid Authentication and Authorization

Last updated 3 months ago

Summary

Authentication is the process of verifying the user's identity. It ensures that the person or computer accessing the platform is who they claim to be.

We currently support authentication through external OpenID Connect (OIDC) identity providers. Google is fully supported, while Facebook integration is in progress. We also plan to add support for Apple and Okta in the near future.

Your mobile or web application must enable its users to sign in with at least one of the supported OIDC providers and obtain an ID Token from them. For example: The ID Token serves as a trusted proof of successful authentication from the identity provider (IDP).

Next, your application exchanges the ID Token for an ObjectsGrid Access Token. This Access Token must be included in every subsequent ObjectsGrid API request to authenticate and authorize access to the APIs.

Authorization is the process of determining what actions or objects (resources) a user is allowed to access after they have been authenticated. It defines the user's permissions and access control. ObjectsGrid authorization is OAuth 2.0 compliant.

Access levels for ObjectsGrid APIs are managed using Attribute-Based Access Control (ABAC). ABAC is an advanced authorization model that grants or denies access to resources based on attributes associated with users, resources, actions, and the environment. The access level rules are defined in an ABAC policy.
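
To show how the four attribute categories described above (user, resource, action, environment) combine into one access decision, here is a small evaluator. It is an added example, not ObjectsGrid code: the policy format, the attribute names and the `rule_matches` and `decide` functions are assumptions made for illustration.

```python
# Added illustration. The policy format and attribute names are hypothetical,
# not ObjectsGrid's policy syntax.
CATEGORIES = ("subject", "resource", "action", "environment")

# Constructed sample policy: each rule maps attributes to sets of accepted values.
POLICY = [
    # Anyone may read products and brands.
    {"effect": "allow",
     "action": {"name": {"read"}},
     "resource": {"type": {"Product", "Brand"}}},
    # Editors may change products of their own organization, only with MFA.
    {"effect": "allow",
     "subject": {"role": {"catalog-editor"}},
     "action": {"name": {"update", "delete"}},
     "resource": {"type": {"Product"}},
     "environment": {"mfa": {True}},
     "same_org": True},
    # Suspended accounts are refused regardless of any allow rule.
    {"effect": "deny", "subject": {"status": {"suspended"}}},
]

def rule_matches(rule, request):
    """True when every attribute condition in the rule holds for the request."""
    for category in CATEGORIES:
        for attr, accepted in rule.get(category, {}).items():
            # A missing attribute is None and never satisfies a condition.
            if request.get(category, {}).get(attr) not in accepted:
                return False
    if rule.get("same_org"):
        subject_org = request.get("subject", {}).get("org")
        if subject_org is None or subject_org != request.get("resource", {}).get("org"):
            return False
    return True

def decide(policy, request):
    """Deny overrides allow; a request that matches no rule is denied."""
    effects = {rule["effect"] for rule in policy if rule_matches(rule, request)}
    if "deny" in effects:
        return "deny"
    return "allow" if "allow" in effects else "deny"
```

The two properties worth checking in any ABAC policy are visible here: an explicit deny wins over any allow, and a request with a missing attribute falls through to the default deny.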