CloudServices/Sagrada/ApplicationModel
Contents
Overview
Sagrada applications use a shared model for service discovery, authentication/authorization, and request signing.
This is a basic shell, and we'll expand on it soon.
Developer docs
Components of the model
Service Discovery
The client flow starts with discovery of available services, and any relevant links/metadata about the instance. This is a fairly basic JSON format, used to direct clients to the authentication endpoint for a given service.
A description of the service and API is available.
Token Server
Authenticating to individual services requires obtaining a token for that service. This is effectively a POST request to a service-specific URL with a BrowserID assertion, and returns a service endpoint, and the required keys/tokens to access that endpoint.
More details on the token server.
Service Access
All requests to end services are authenticated using MAC Auth. The client and service developer docs linked above detail how to make and validate these requests.