Your instance of DRUID is designed to be able to integrate a large number of your different applications and websites of your digital ecosystem, and like so many others, you need the maximum integrity and security of these systems. We place our trust in the OAuth 2 protocol, because it is used worldwide among services with a high number of concurrences, and therefore there is an infinite amount of documentation in this respect. DRUID is our implementation of OAuth2 – draft 15 for with all the additional functions needed have been added.
Therefore, access by a web client to DRUID is done through this protocol. The authentication/authorization server will validate the credentials of the web client. This way we take this responsibility off the shoulders of the applications and websites, simplifying their development.
|Login / Register/ Reauthorize|
|Obtain access token||/oauth2/token||POST|
|Edit account flow||/register/edit_account_input||GET|
|Complete account flow||/register/complete_account_input||GET|
|Obtain client token||/oauth2/token||POST|
|Refresh access token||/oauth2/token||POST|
|Challenge Code Token flow|
|Obtain Challenge Code Token||/oauth2/token||POST|
|Opt Out outside edit account||/register/optout||GET|
|Opt In outside edit account||/register/optin||GET|