This is an old revision of the document!
OAuth
Capturing the request
| Column | Type | Description |
|---|---|---|
| id | UUID | ID to keep track of the request |
| secret | str | Secret stored in a flow cookie |
| session_id | Optional FK | Associated login session |
| client_id | FK | The OAuth client sending this request |
| response_type | str | OAuth response type. e.g. Authorization Code, ID token etc. |
| scope | str | The requested scope. Usually contains openid as a minimum |
| state | str | Client specific state |
| nonce | str | Passed through to the ID token |
| redirect_uri | str | Where to redirect after authenticating |
| acr_values | str | Requested authentication level |
| code_challenge | str | PKCE challenge |
| code_challenge_method | str | PKCE method |