KMD Identity Concepts - kmd-identity/documentation GitHub Wiki

KMD Identity has a concept called Application Group. An Application Group is nothing more than a logical grouping of applications (API's, Native and Server applications).

The name of an Application Group should be the product name. Always specify the Application Group name when contacting KMD Identity team.

An API is the end resource a user or an application is accessing. An API can be accessed by users through Native and Server Applications by authenticating with an Identity Provider. In addition, an API can also be accessed by Server Applications through the Client Credentials Flow.

Also known as SPA (Single Page App), Mobile App, PC App, Public Client and User-Agent based App

Client incapable of maintaining the confidentiality of their credentials (e.g., clients executing on the device used by the resource owner, such as an installed native application or a web browser-based application), and incapable of secure client authentication via any other means.

Also known as Server Side Web App and Confidential Client

Client capable of maintaining the confidentiality of their credentials (e.g., client implemented on a secure server with restricted access to the client credentials), or capable of secure client authentication using other means.