The way I understand it is that the user signed onto the Atlassian Crowd service. Atlassian Crowd verifies users identity and issues a token. Each subsequent request is routed via the Atlassian Crowd along with the token to ensure the token is valid and up to date.
Does anyone have any experience with this kind of authentication? Can you point me to some help topics or resources to get me going please? How far is it from OAuth2?
Any pointers welcome.