User Authentication Flow

Branden Barber edited this page Jan 22, 2025 · 5 revisions

For details on authorization, see Users, Roles, and Permissions.

```mermaid
sequenceDiagram
    participant ReactApp as React App
    participant AzureB2C as Azure B2C
    participant WestDAATAPI as WestDAAT API

    ReactApp->>AzureB2C: User Logs In
    AzureB2C->>AzureB2C: Login
    AzureB2C->>WestDAATAPI: API Connector
    note over AzureB2C,WestDAATAPI: Basic Auth<br/>Contains ObjectId / Email
    WestDAATAPI->>WestDAATAPI: Authenticate Secret
    WestDAATAPI->>WestDAATAPI: Fetch User Roles
    WestDAATAPI->>AzureB2C: Roles as Custom Claims
    note over WestDAATAPI,AzureB2C: extension_westdaat_*
    AzureB2C->>AzureB2C: Attach Custom<br/> Claims to Access Token
    AzureB2C->>ReactApp: Access Token
    ReactApp->>ReactApp: Store Access Token
    ReactApp->>WestDAATAPI: Send Access Token
    note over ReactApp,WestDAATAPI: Authorization: Bearer <token>
```
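The API connector leg of the diagram (Authenticate Secret, Fetch User Roles, Roles as Custom Claims) is sketched below as an added example; it is not the WestDAAT API's own code. Assumptions: the `objectId` JSON key, the `roles` claim suffix, the comma-separated role encoding, and all sample credentials, IDs and role names are constructed; the `version`/`action: Continue` body follows Azure AD B2C's API connector continuation response.

```python
import base64
import hmac

# Prefix from the diagram; the "roles" suffix is a hypothetical name.
ROLE_CLAIM = "extension_westdaat_" + "roles"


def basic_header(user, secret):
    """Build the Basic Auth header value the connector would send."""
    return "Basic " + base64.b64encode(f"{user}:{secret}".encode()).decode()


def check_basic_auth(header, expected_user, expected_secret):
    """Verify the connector's credentials without leaking timing."""
    if not header or not header.startswith("Basic "):
        return False
    try:
        decoded = base64.b64decode(header[6:], validate=True).decode("utf-8")
    except ValueError:  # malformed base64 or invalid UTF-8
        return False
    user, sep, secret = decoded.partition(":")
    # Run both comparisons so a failure does not reveal which field was wrong.
    user_ok = hmac.compare_digest(user.encode(), expected_user.encode())
    secret_ok = hmac.compare_digest(secret.encode(), expected_secret.encode())
    return bool(sep) and user_ok and secret_ok


def handle_connector_call(headers, body, creds, roles_by_object_id):
    """Return (http_status, json_body) for one API connector request."""
    if not check_basic_auth(headers.get("Authorization"), *creds):
        return 401, {}  # reject before touching any user data
    object_id = body.get("objectId")  # assumed JSON key for the ObjectId
    if not isinstance(object_id, str) or not object_id:
        return 400, {}
    # Unknown identities get an empty role claim, never a default role.
    roles = sorted(roles_by_object_id.get(object_id, ()))
    return 200, {"version": "1.0.0", "action": "Continue", ROLE_CLAIM: ",".join(roles)}


# Constructed sample data, not taken from the project.
CREDS = ("connector-user", "constructed-secret")
ROLES = {"11111111-aaaa-bbbb-cccc-222222222222": ["TechnicalReviewer", "Member"]}
REQUEST = {"objectId": "11111111-aaaa-bbbb-cccc-222222222222", "email": "user@example.org"}

if __name__ == "__main__":
    good = {"Authorization": basic_header(*CREDS)}
    print(handle_connector_call(good, REQUEST, CREDS, ROLES))
    print(handle_connector_call({}, REQUEST, CREDS, ROLES))
```

Because the roles end up inside the access token, they stay fixed until a new token is issued, so a role removed in the API takes effect for a user only after their current token expires or is refreshed.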