Tax Balance heavily relies on the Portal application provided by AMANA.
Authentication
Authentication is perfomed performed via OAuth 2.0 protocol. The Portal application provides mechanisms to authenticate the user, e.g., with username and password or with SAML 2.0 (SSO).
After a successfull successful authentication, the portal creates an OAuth Access Token 2.0 access tokens in JSON Web Token (JWT) format and returns it to Tax Balance. Tax Balance Web application stores the access token in browser session and appends it to each request to the Tax Balance ressource resource server (API).
This is a sample request with an authorization header:
Code Block | ||
---|---|---|
| ||
GET /api/demo HTTP/1.1 Authorization: Bearer S0VLU0UhIExFQ0tFUiEKeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c |
Authorization in Tax Balance
...