Posts

Showing posts from November, 2017

A Basic Comprehensive Application to Understand OAuth 2.0 Authorization Code Grant Type

There are a few steps in OAuth we have to follow.

Step 1 >> Authorization Code Link

First, the user is given an authorization code link like this:

http://localhost:8081/auth/oauth/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=CALLBACK_URL&scope=write

Here is an explanation of the link components:

https://cloud.digitalocean.com/v1/oauth/authorize : the API authorization endpoint
client_id=client_id : the application's client ID (how the API identifies the application)
redirect_uri=CALLBACK_URL : where the service redirects the user-agent after an authorization code is granted
response_type=code : specifies that your application is requesting an authorization code grant
scope=write : specifies the level of access that the application is requesting

Step 2 >> User Authorizes Application

When the user clicks the link, they must first log in to the service, to authenticate their ident...

About OAuth 2...

What is OAuth?

OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and DigitalOcean. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account. OAuth 2 provides authorization flows for web and desktop applications, and mobile devices. This informational guide is geared towards application developers, and provides an overview of OAuth 2 roles, authorization grant types, use cases, and flows.

What are the roles in OAuth?

Resource Owner
Client
Resource Server
Authorization Server

We will detail each role in the following subsections.

Resource Owner

The resource owner is the user who authorizes an application to access their account. The application's access to the user's account is limited to the "scope" of the authorization granted (e.g...