Index of PDF files for OA4MP

File

QDL

Description

Authentication_in_OA4MP.pdf

N

Discussion/Synopsis of the various ways to do authentication in OA4MP

claim_source_examples.pdf

Y

Examples of writing QDL to get claims.

creating_claim_sources2.pdf

Y

Introduction to writing QDL to get claims from various sources, such as LDAP, a file, SAML headers and such.

DIService-reference.pdf

N

The reference manual for using the DIService, a web service which lets you run your own Detached, Independent Authentication Server and simply send notifications to OA4MP about how users' logins are proceeding.

filestore-migration.pdf

N

Reference manual for migrating old file stores in OA4MP to a Derby database.

forking_a_flow_quickstart.pdf

N

Quick introduction with lots of examples for using an OA4MP ersatz client to fork an OAuth flow. By forking we mean to start a flow with a provisioner, which may then allow other clients to take over the flow. (This is a direct analog to forking a process, hence the name.) This is useful if there is a job (e.g. massively parallel computing) which starts a flow then must create dedicated worker tasks each with its own specific, restricted set of permissions. It is a form of delegation.

java-extension-to-oa4mp.pdf

N

How to extend OA4MP via Java to add direct user support. It references the GitHub OA4MP extension example project.

jwt-util.pdf

N

Reference manual for the command line JWT tool

oa2-client.pdf

N

The reference manual for the OA4MP command line client (CLC). The CLC allows you to do every operation using your client’s credentials from the command line. This is a great debugging tool.

oa4mp-modules.pdf

Y

Quick reference sheet for the various QDL modules you can use with OA4MP

oa4mp_as_dedicated_issuer.pdf

N

Using OA4MP to issue/manage tokens. This replaces both authentication and the initial exchange to get a token. One scenario is a service that federates dataset services each of which requires tokens (replacing X509 certificates, for instance). A user may start an operation, but the service needs to mint tokens without user intervention after that. Pelican Platform is an example.

oa4mp_running_qdl_scripts.pdf

Y

How to write QDL scripts for an OA4MP server. This includes how they are called and what the runtime environment contains.

policies.pdf

N

Introduction to server-side OA4MP policies. These are set per client and are human-readable documents of how permissions, authorization and such are to work.
Authentication (who the users are) is different from authorization (what the users can do).
Policies in OA4MP address authorization and are (usually) implemented in QDL, but policy documents must be language neutral.

qdl_clc_ini.pdf

Y

Reference manual for the CLC to read QDL ini files. This is simply another way to write configurations and may be easier to understand for people that use QDL extensively.

qdl_oa4mp_store_access.pdf

Y

Reference manual for accessing the underlying OA4MP stores using QDL.

rfc6749_4_4.pdf


Support in OA4MP for client credentials and how to use them.

rfc7523_intro.pdf


Enabling and using public/private key access for a client.

scopes.pdf

N

Document about what scopes are and are not. If you are new to OAuth or OA4MP, this is a great place to start reading about them.

token_handler_configuration.pdf

Y

Reference manual for token handlers in the client configuration (which resides on the server and is applied to each client as requests are processed). It is also possible to use this without recourse to QDL, via templates.

Using_header_for_authentication.pdf

N

Reference manual for configuring OA4MP to use headers from a server (such as Tomcat) for authentication.