Onegini Token Server

An introduction

The Onegini Token Server is a complete solution for managing your customer’s authorizations. It provides a comprehensive security Token Server that integrates with enterprise identity and access management systems based on the latest Web and API security standards such as OAuth 2.0. With the Token Server, companies and users can interact by securely sharing data between applications and allow users to approve applications to act on their behalf without sharing passwords.

OAuth 2.0 is lightweight and provides universal access for web, mobile app or any other third party application. Unfortunately, OAuth can also be complex to set up, given the number of actors, token formats, transports, management, logging and security mechanisms required. Especially handling all the user interactions requires a flexible architecture since the number of devices is growing rapidly. Luckily Onegini is here to help you out.

Token Server main components

The Onegini Token Server consists of two applications:

  • Token Server Admin: a web application to configure the Token Server, check its statistics and the activity of its clients and users.
  • Token Server Engine: the heart of the Token Server. All the interactions with clients and external components are performed in this application.

How the documentation is organized

The Token Server has a quite lot of documentation. A high-level overview of how it’s organized will help you know where to look for certain things:

  • Quick start section guides you through the steps to install the Token Server and helps you to create the setup for the Onegini Example App.
  • Configuration describes all configuration properties to customise your Token Server installation.
  • API reference describes all APIs exposed by the Token Server that are available for your developers.
  • Topic guides describes key topics and concepts at a fairly high level to provide background information and explanation.