Auth Playground

OAuth 2.0 Demonstration Client

demo.canaille.yaal.coop

OAuth 2.0 Authorization Server • playgroundspecs

Privacy Policy

Overview

Auth Playground is a demonstration tool for OpenID Connect authentication.

What Data Is Handled

When you authenticate through Auth Playground, the following information is received from your identity provider:

  • Access token: Used to access protected resources
  • Refresh token: Used to obtain new access tokens (if provided)
  • ID token: Contains your identity information in JWT format
  • User information: Profile data such as name, email, phone, address, groups, etc.

The exact data received depends on the scopes requested and what your identity provider shares.

How Data Is Stored

All authentication data is stored server-side in memory.

  • Data is stored in server memory (RAM) only
  • A secure session cookie is sent to your browser (containing only a session ID, not the actual data)
  • No database, files, or permanent storage is used
  • All session data is lost when the application restarts
  • Data is cleared when you log out
  • Sessions expire when you close your browser

Data Sharing

Auth Playground does not:

  • Share your data with third parties
  • Send data to external services
  • Store data permanently
  • Track your usage
  • Use analytics or advertising

The only external communication is with your configured identity provider for authentication purposes.

Security Considerations

  • Use only test accounts, not real user accounts
  • Do not use sensitive or production data
  • Ensure your deployment is properly secured (HTTPS, firewall, etc.)
  • Change the default SECRET_KEY environment variable

Your Rights

  • You can review the source code to understand data handling
  • You can modify the application to suit your needs

Identity Provider's Privacy Policy

Your identity provider may have its own privacy policy regarding the data they collect and share. Please review their privacy policy for information about how they handle your data.