admin/hspguard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: decribed user authorization flow through web url

Browse Source
This commit is contained in:
Amir Adal
2025-05-17 23:15:28 +02:00
parent dd2abd2d81
commit 264fb12510
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
README.md
View File

@ -70,6 +70,22 @@ HSP Guard checks the users assigned permissions and responds with the authori
---
## 🔄 User Authorization Flow
When a user tries to access a home lab service that requires authentication:
1. The application will **offer an authorization URL** to the user.
2. The user follows the URL and is taken to the **HSP Guard login page**.
3. The user selects or signs into an account they wish to use for that service.
4. Once authenticated and authorized, the user is redirected to the **application-defined redirect URL**.
5. The application can now:
- Retrieve a **JWT token** from the redirect callback
- **Optionally cache the session/token** to avoid prompting the user every time
This process is similar to how external identity providers like **Google Sign-In** or **GitHub OAuth** work — providing a seamless and secure authentication experience for the user.
---
## ⚙️ Integrating New Services & Tools
When a new service or tool is installed: