Casa and Gluu interactions - GluuFederation/casa GitHub Wiki
Interactions with oxd:
| Event | Actions executed | Notes |
|---|---|---|
| First usage | Client registration | |
| Every login attempt | get authorization url, tokens by code, user-info | |
| Oxd settings changes | Several | In admin dashboard, settings of oxd server <-> casa interaction can be parameterized |
| Every logout attempt | Get a logout url |
Interactions with oxauth:
| Event | Actions executed | Notes |
|---|---|---|
| Every login attempt | Steps of authorization code flow | Involves execution of a custom script that may interact with u2f and fido endpoints and external (3rd party) services as well |
| Calls to enrollment API endpoints | Token introspection or client info endpoint | |
| Every logout attempt | End session | |
| u2f security key or Supergluu enrollment | U2F registration flow | |
| Authentication with u2f security key or supergluu at login | U2F authentication flow |
Interactions with fido 2:
| Event | Actions executed | Notes |
|---|---|---|
| Fido 2 security key enrollment | Fido attestation flow | |
| Authentication with security key at login | Fido assertion flow |
Interactions with passport:
Applicable when account linking plugin is installed in Casa
| Event | Actions executed | Notes |
|---|---|---|
| Link an account | Custom inbound identity authentication flow | |
| Authentication with external account | Standard inbound identity authentication flow |