Previous topic

Overview of the services

Next topic

Response codes

This Page

Feedback

GlossaryΒΆ

Auth Token
Used to identify the user after starting a session. Contains the user application id and the expiration date.
Cluster
Group of webheads and storage devices that make up a set of Service Nodes.
Colo
Physical datacenter, may contain multiple clusters
HKDF

HMAC-based Key Derivation Function, a method for deriving multiple secret keys from a single master secret.

See https://tools.ietf.org/html/rfc5869

Login Server
Used to authenticate user, returns tokens that can be used to authenticate to our services.
Mac Access Auth

An HTTP authentication method using a message authentication code (MAC) algorithm to provide cryptographic verification of portions of HTTP requests.

See https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01

Master Secret
A secret shared between Login Server and Service Node. Never used directly, only for deriving other secrets.
Node
An URL that identifies a service, like http://phx345
Node Assignment Server
A service that can attribute to a user a node.
Service
A service Mozilla provides, like Sync or Easy Setup.
Service Node
a server that contains the service, and can be mapped to several Nodes (URLs)
Signing Secret
Derived from the master secret, used to sign the auth token.
Token Secret
Derived from the master secret and auth token, used as secret. This is the only secret shared with the client and is different for each auth token.
User DB
A database that keeps the user/node relation