Authress Platform Extensions are a OAuth2.1 service platform. Your users can log into other services using their identity in your Authress account on your marketplace platform.
What are Platform Extensions?
Manage extensions in the Authress Management Portal: platform extensions
This section refers to building an app Marketplace. Your product offers core features and part of the offering enables third party developers or customers to build plugins or extensions using your solution. A good example of this is Slack or Shopify. Those platforms offer third parties the ability to build extensions on top.
The security for your platform also needs to be centralized to extend security to these extension. Authress provides Platform Extensions as the solution.
Before we continue, let's highlight some vocabulary:
users- We'll refer to your first-class end-users as
users, these users interact with your platform directly.
account owner- The user that owns the customer account.
extension developers- We'll reference to your users that create and deploy extensions for other users to log in as
SSO- the mechanism by which your
userslog into your platform, usually by redirecting them through Authress to their corporate IdP or using a federated login provider.
platform identity- The user's data related to their
SSOlogin, their ID or
subgenerated by Authress.
extension identity- The user's data mapped from their
platform identityto the extension also generated by Authress. This
extension identitydoes not contain any user data from your platform or from Authress other than the
tenantId. The keeps your users' data secure.
Here is a quick summary of the different components of extensions, each of these is a link to the follow sections in more details:
Jump to logging into your platform
In your extension marketplace, you have two different kinds of users:
- Users that log directly into your platform
- Users who are developers who build extensions to be used with your platform
Jump to managing extensions
The developer users will create and register extensions in your platform. These extensions will have their own resources as well as attempt to access the resources of your logged in users. They will need at Authress service client. Authress service clients track programmatic entities and their permissions to access resources.
Jump to installing extensions
Once the extension is created by an extension developer, your users will have to enable that extension for their account. It would not make sense to grant every extension access to every one of your customer accounts. So there should be an explicit step that your users will go through to
enable the extension.
Jump to extension authentication
After a user has enabled an extension for their account. They'll likely navigate to the extension to configure it. To do so they might go to a website created by the extension developer. That website will ask them to log in with their
Platform Identity. This will direct them to your Authress managed login page to log in.
📄️ Platform user login
Enable users to log into your platform.
📄️ Creating extensions
Support extension developers creating and managing platform extensions.
📄️ Installing extensions
Configure how your platform users will install and enable extensions.
📄️ Extension authentication
How do users log into extensions and managing extension authentication.