Types of Authentication

Ascenda enables integration with many authentication protocols. The authentication integrations enable you to use Ascenda's security and IAM features with little or no changes to your applications that use various authentication methods such as OAuth 2.0 or SAML.

We support three types of authentication mechanisms to cater to different security and access needs: Client Credentials Flow, Authorization Code Flow, and Refresh Token.

The Client Credentials Flow is typically used for server-to-server interactions, where applications authenticate themselves rather than a user. This is ideal for backend services and automated processes. The Authorization Code Flow is used for user-based authentication, allowing applications to act on behalf of users after they have granted permission. This method is widely recommended by industry standards, such as OAuth 2.0 RFC 6749, for its security and user-centric approach. The Refresh Token mechanism is employed to obtain a new access token without requiring the user to re-authenticate, enhancing usability and maintaining secure access over extended periods.

Refer to the different pages listed here as sub-topics to the type of Authentication use cases and protocols supported.

Category

Usage

Server-to-Server Authentication

Ascenda APIs uses Client Credential tokens to authenticate requests. You can view and manage your API keys in the Ascenda Dashboard.

User Authentication

Ascenda's ecosystem for end users leverages OAuth2.0 & OIDC as protocols for enabling user account access. Read the following sections for integration options for linking your end-user authentication protocols to Ascenda

Admin User Authentication

Similar to User Authentication. Ascenda's Admin User Authentication also leverages similar protocols for linking Admin user access to your Authentication Apps. Read this section for integration options related to Admin Panel login.