Technical terminology and abbreviatios

OAuth2 Authentication

A protocol for authorization that allows applications to secure designated access without handling user credentials.

Single Sign-On (SSO)

An authentication process that allows a user to access multiple applications with one set of login credentials.

Microsoft Entra ID

Microsoft Azure Active Directory, a comprehensive identity and access management cloud solution.

Google Provider

Refers to Google's OAuth 2.0 authentication system, allowing users to sign in with their Google account credentials.

Client ID

A unique identifier assigned to an application when it's registered with an OAuth provider.

Client Secret

A secret known only to the application and the authorization server, used for secure communication.

JWT (JSON Web Tokens)

An open standard for securely transmitting information between parties as a JSON object.

RS256

An RSA signature algorithm used to sign a JWT, providing assurance of the token's authenticity.

Token Flows

The methods by which OAuth tokens are obtained, such as "Implicit," "Authorization Code," "Refresh Token," and "Client Credentials."

Claim Mappings

Associations between user attribute fields from an external identity provider (IdP) and the Agile.Now platform.

Discovery Endpoint

A URL that returns metadata about the identity provider's configuration, including the URL of the authorization endpoint and the token endpoint.

Callback URL

The redirection URI where the response from the IdP is sent after authentication.

Logout URL

The URL where users are redirected after logging out from the application.

Credential Status

Indicates whether the OAuth2 or SSO credential is active or inactive.

Endpoint Configuration

Setting up the specific endpoint URLs required for OAuth2 operations, such as the authorization endpoint and token endpoint.

Claim

A piece of identity information (such as name, email, etc.) about a user.

External ID

A unique identifier for a user from an external system, used for mapping user accounts between systems.

Machine to Machine Authentication

Authentication that occurs between two machines via APIs, where no user interaction is required.

Refresh Token

A token used to obtain a new access token without requiring the user to be present.

Authorization Code

A temporary code that the client will exchange for an access token.

Implicit Flow

A type of OAuth flow primarily used by clients implemented in a browser using a scripting language such as JavaScript.

Client Credentials Flow

An OAuth flow that allows a web service (confidential client) to use its own credentials, instead of impersonating a user, to authenticate when calling another web service.

OpenID

An authentication protocol that allows users to use an existing account to sign in to multiple websites without needing to create new passwords.

Workspace

A designated virtual space within a platform like Agile.Now, where teams can collaborate, access tools, and manage projects.

Internal User

A user who is part of the primary organization or workspace, often having broader access and management capabilities within the system.

External User

A user from outside the primary organization or workspace, usually with limited access rights based on predefined relationships.

OTP (One-Time Password)

A password that is valid for only one login session or transaction, enhancing security by reducing the risk of credential reuse.

MFA (Multi-Factor Authentication)

An authentication method requiring two or more verification factors, significantly increasing security by adding layers of defense.

OpenID Provider (Custom Provider)

A service that implements OpenID authentication, allowing users to log in with their OpenID credentials. Custom providers are tailored specifically for the needs of a particular system or application.