OAuth 2.0 External Authentication
MarkLogic 11 expands its external authentication options by adding support for OAuth 2.0. In this first phase of OAuth capability, MarkLogic 11 supports configuration of external security with OAuth servers using “Introspection” access token validation. This capability has currently been validated against Ping Identity.
Support for other OAuth features, such as JWT access token validation, additional encryption options, and additional OAuth servers is planned for future releases.
OAuth external security can be setup via the Security -> External Security -> Create screen in the MarkLogic 11 Admin UI or via the sec.createExternalSecurity() and sec.oauthServer() built-in functions.
Also see Security-sec (sec.) for the complete list of built-in functions available.