Updated by Pavel Balashou almost 2 years ago
**As** an OpenID client (e.g., Nextcloud server)
**I want to** use the access\_token obtained (exchanged?) from an OpenID provider (e.g. Keycloak) as the OpenProject API authentication mechanism
**so that** the OAuth grant flow can be skipped by Nextcloud users.
**Acceptance criteria**
* OpenProject API validates the Access Token issued by the OpenID Provider (Keycloak)
* Decrypt Access Token
* Check signature
* Authenticate user using **sub** claim value
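The validation steps in the acceptance criteria, as an added Ruby sketch that is not OpenProject's own code. It assumes a signed RS256 JWT (so "decrypt" amounts to decoding), and the issuer URL, audience value, helper names and key are constructed for illustration.

```ruby
require "openssl"
require "json"

# Assumed values for this sketch; a real deployment reads them from its provider configuration.
ISSUER   = "https://keycloak.example.test/realms/demo"
AUDIENCE = "openproject"

def b64url(data)
  [data].pack("m0").tr("+/", "-_").delete("=")
end

def b64url_decode(str)
  # Restore padding, then decode strictly so malformed input raises ArgumentError.
  str.tr("-_", "+/").ljust((str.size + 3) / 4 * 4, "=").unpack1("m0")
end

# Constructed helper: mints an RS256 token so the sketch runs offline.
def mint_token(key, claims)
  input = [{ alg: "RS256", typ: "JWT" }, claims].map { |part| b64url(JSON.generate(part)) }.join(".")
  "#{input}.#{b64url(key.sign(OpenSSL::Digest.new('SHA256'), input))}"
end

# Returns the sub claim when every check passes, otherwise raises.
def authenticated_sub(token, public_key, now: Time.now.to_i)
  parts = token.split(".", -1)
  raise ArgumentError, "malformed token" unless parts.size == 3
  header, claims = parts.first(2).map { |part| JSON.parse(b64url_decode(part)) }
  # Pin the algorithm so the token header cannot select "none" or a symmetric scheme.
  raise ArgumentError, "unexpected alg" unless header.is_a?(Hash) && header["alg"] == "RS256"
  signed_input = parts.first(2).join(".")
  valid = public_key.verify(OpenSSL::Digest.new("SHA256"), b64url_decode(parts[2]), signed_input)
  raise ArgumentError, "bad signature" unless valid
  # Claims are trusted only after the signature check has passed.
  raise ArgumentError, "wrong issuer" unless claims["iss"] == ISSUER
  raise ArgumentError, "wrong audience" unless Array(claims["aud"]).include?(AUDIENCE)
  raise ArgumentError, "expired" unless claims["exp"].is_a?(Integer) && claims["exp"] > now
  raise ArgumentError, "missing sub" if claims["sub"].to_s.empty?
  claims["sub"]
end

if __FILE__ == $PROGRAM_NAME
  key = OpenSSL::PKey::RSA.new(2048) # constructed stand-in for the provider's signing key
  claims = { iss: ISSUER, aud: AUDIENCE, sub: "constructed-user-id", exp: Time.now.to_i + 300 }
  puts authenticated_sub(mint_token(key, claims), key.public_key)
end
```

The audience check is what keeps a token issued for another client of the same provider from being accepted here.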