Delegated Authentication

A method in which a non-human identity (NHI) is granted permission to authenticate on behalf of a user or another entity.

Description

Delegated Authentication is a process that allows non-human identities, such as applications or services, to act on behalf of a user or another entity when accessing resources. It is particularly useful where automated systems need to interact with various services while maintaining security and user privacy. Through delegated authentication, a non-human identity obtains an access token that grants it permission to perform specific actions, such as accessing APIs, without handling the user's credentials directly. This simplifies authentication for applications and reduces the risk of credential exposure.

Delegated authentication is typically implemented using protocols like OAuth, in which an application obtains authorization from a user to act on their behalf. This mechanism is essential for integrating third-party services, enabling functionality such as automated data retrieval, posting updates, or accessing user-specific resources without compromising user security.

Examples

  • A cloud service accessing a user's data in a storage service using an OAuth token.
  • A chatbot that manages calendar events on behalf of a user through delegated permissions.
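
The check a calendar API could run before honouring the chatbot's token, as an added example that is not part of the original entry. It assumes the API receives an RFC 7662 token introspection response from the authorization server; the function name, scope names, URLs and sample values are constructed for illustration.

```python
import time

def authorize_delegated_call(token_info, required_scope, expected_audience, now=None):
    """Decide whether a delegated access token permits one specific action.

    token_info is an RFC 7662 token introspection response (a dict).
    Returns (allowed, reason, context).
    """
    now = time.time() if now is None else now

    # The authorization server has revoked or never issued this token.
    if not token_info.get("active"):
        return False, "token inactive", None

    # Delegated tokens should be short-lived; reject anything at or past "exp".
    exp = token_info.get("exp")
    if exp is None or now >= exp:
        return False, "token expired", None

    # "aud" may be a string or a list; the token must be minted for this API.
    aud = token_info.get("aud", [])
    audiences = [aud] if isinstance(aud, str) else list(aud)
    if expected_audience not in audiences:
        return False, "wrong audience", None

    # "scope" is a space-separated list; exact match only, no prefix matching.
    granted = set(token_info.get("scope", "").split())
    if required_scope not in granted:
        return False, "scope not granted", None

    # Record both parties: the user who delegated and the NHI that is acting.
    subject, client = token_info.get("sub"), token_info.get("client_id")
    if not subject or not client:
        return False, "missing sub or client_id", None
    return True, "ok", {"on_behalf_of": subject, "acting_client": client}


# Constructed sample: introspection response for the calendar chatbot's token.
SAMPLE = {
    "active": True,
    "sub": "user-1234",
    "client_id": "calendar-chatbot",
    "aud": "https://calendar.example/api",
    "scope": "calendar.events.read calendar.events.write",
    "exp": 2_000_000_000,
}
```

Logging the returned context on every call keeps an audit trail that separates the delegating user from the non-human identity acting for them.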

Additional Information

  • Delegated authentication enhances security by minimizing the need to share passwords.
  • It is commonly used in microservice architectures, where services need to communicate securely.
