Authentication Concepts
This section covers important concepts and principles related to authentication and security.
Available Concepts:
- Strong Customer Authentication (SCA) - Regulatory requirements for secure authentication
- Understanding Password Matching with bcrypt and Salts - How bcrypt stores passwords, how salts kill rainbow tables, and why slow hashing matters
- Authentication vs Authorization - Understanding AuthN and AuthZ concepts
- Scopes vs. Claims - What scopes request and what claims return
- Standard Claims Reference - Complete guide to OIDC claims and how they interact
- Demystifying the Tokens - What each token does in the pipeline
- OpenID Connect Discovery Document - What .well-known/openid-configuration is and how clients use it
- ID Token vs. Access Token - What each token is for and how to use them