Skip to main content
Skip table of contents

Authentication [C IG]

Description

VidiFlow uses OpenID Connect standards as the centralized authentication mechanism. As OpenID Connect incorporates OAuth2, all of the UIs and APIs are protected by the OAuth2 authentication. Currently, VidiFlow mainly uses 2 main authentication flows:

  • Implicit Flow, which used by web UI applications.

  • Client Credentials Flow, which used by backend services.

As authentication is standards-based, we strongly recommend to use a standard-compliant OIDC client library for obtaining tokens from AuthenticationService. The OIDC discovery endpoint is available under {{authServiceEndpoint}}/.well-known/openid-configuration.


Please Note: OpenId also supports multiple different flows for authentication, but VidiFlow uses the above mentioned flows only.
Every web request to one of the APIs must be authorized by supplying an access token in the authorization header, such as the example provided below:

EXAMPLE of Authorization Header Containing Access Token

CODE
Authorization:  Bearer XXXXXXXeyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjRhQUFtWVdVWFJHU2pIUWk5RzVLcHdoclU4TSIsImtpZCI6IjRhQUFtWVdVWFJHU2pIUWk5RzVLcHdoclU4TSJ9.eyJpc3MiOiJodHRwOi8vZHYtcGxhdGZvcm0tcWExOjE5MDgxL0ludGVncmF0aW9ucy9BdXRoZW50aWNhdGlvbi9jb3JlIiwiYXVkIjoiaHR0cDovL2R2LXBsYXRmb3JtLXFhMToxOTA4MS9JbnRlZ3JhdGlvbnMvQXV0aGVudGljYXRpb24vY29yZS9yZXNvdXJjZXMiLCJleHAiOjE1MDQ2OTU0ODUsIm5iZiI6MTUwNDY5MTg4NSwiY2xpZW50X2lkIjoid29ya2Zsb3dfZW5naW5lIiwic2NvcGUiOiJhcGkxIn0.F9WGg7ywVc0EKM8wCWqHb48oz_OhsTYZUapIFYvwwUiZ-P5rU1RgQ0bYrqL6gnSknvM4CvyZsp9uQqB0eniiwCpOAXgvYCCWl2YOMc2Z7fGiFidmjjeMMPXQEZ2854lzeyGh9PoBJokAL8X6V8d9HetJiqwEIF2rMOX92yLUII6oL09yZvAx1UkKsXuW_dIqlap9xamRuh4wMGGvK6YRRWdGDPZo0DDjHDm4iuqi7iGm732pewZETwb0lkrbOHHYPKPygkprkR7NqX379i2Ntmx0AD-3UXVhudPE0Fgj6G1X8un3p-O33Ac52I_MPrXnQnZa26knoJPNrc_LtD3wTg


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.