Getting Started

In order to use the IDM you have to retrieve another token for your application. So that your application can authenticate against our IDM service. With that, we want to prevent leaking the IDM directly to the users.

Here is the current procedure how to get access to the IDM

On the questionnaire we ask you if and how you want to use the IDM
If you want to use the IDM, you will get an IDM client ID and an IDM client secret
Use this IDM client ID and IDM client secret with the client credentials authentication flow to get an IDM access token
Use the IDM access token access the IDM

If you ever notice that you need access to more scopes than you requested or if you need help in general with the IDM, always feel free to contact us.

Accessing the IDM can only be done from a server, and should never be done from a client device!

Architecture

In order to use the IDM you have to use a server so that the IDM client ID and IDM client secret are never visible for the app that is running on the user's device. The IDM client ID and IDM client secret always stay on the server and should never be exposed to your client-side application. From there on the server requests an access token from our OAuth 2.0 Server that can be saved on the server and can be used to authenticate against the IDM service. To learn more about how to authenticate with client credentials, take a look at our guide.

The following diagram show the authentication flow with the IDM.

Lade Grafik...

IdmAbout the IDM

IdmAccess vs. Sync