identity-access
Installation
SKILL.md
Identity & Access Management
Authentication vs Authorization
- Authentication (AuthN): Who are you?
- Authorization (AuthZ): What can you do?
OAuth 2.0 Flows
Authorization Code (Web Apps)
User -> App -> Auth Server -> User Login
User -> Auth Server -> App (code)
App -> Auth Server (code + secret) -> tokens
PKCE (Mobile/SPA)
Like Authorization Code but with code verifier/challenge instead of secret.