Skip to content

Commit

Permalink
Update docs/src/main/asciidoc/security-oidc-auth0-tutorial.adoc
Browse files Browse the repository at this point in the history
Co-authored-by: Michelle Purcell <92924207+michelle-purcell@users.noreply.github.com>
  • Loading branch information
sberyozkin and michelle-purcell authored Sep 26, 2023
1 parent f3a6d03 commit efea0fc
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion docs/src/main/asciidoc/security-oidc-auth0-tutorial.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,8 @@ public class GreetingResource {
}
}
----
<1> Injected `JsonWebToken` (JWT) token has an `@IdToken` qualifier. `IdToken` represents a user authentication in the OIDC Authorization code flow.
<1> The injected `JsonWebToken` (JWT) token has an `@IdToken` qualifier.
`IdToken` represents the user authentication part of the OIDC authorization code flow mechanism.
<2> `io.quarkus.security.Authenticated` annotation is added to the `hello()` method requiring that only authenticated users can access it.

Note that the access token acquited during the authorization code flow, alongside the ID token, is not used directly by the endpoint but is only used to access downstream services on behalf of the currently authenticated user. We will talk about using the access tokens later in this tutorial.
Expand Down

0 comments on commit efea0fc

Please sign in to comment.