Cross App Access Demo
Cross App Access is an OAuth extension that enables an enterprise IdP to manage the OAuth connections between applications.
This website acts as a Resource application. You can use it to test out building a Client.
As a Resource application, it includes both an internal Authorization Server as well as a simple API. The endpoints you can use to interact with it are listed below.
| Endpoint | Role |
|---|---|
https://motd.xaa.rocks/token |
Issues access tokens when presented with a valid ID-JAG |
https://motd.xaa.rocks/motd |
When presented with a valid access token, returns the message of the day |
- Configure your IdP to issue ID-JAGs with an
audiencevalue ofhttps://motd.xaa.rocks/. - Sign in to your Client through the IdP
- Make a Token Exchange request to your IdP to exchange the ID Token for an ID-JAG
- Make an Access Token request to this website to exchange the ID-JAG for an access token
- Make a request to this website's
motdendpoint to find the dailysecret message
Note: This website will accept ID-JAGs from any issuer for demonstration purposes. In practice, a SaaS app like this will likely restrict the issuers it accepts ID-JAGs from to enterprise IDPs of current customers.