I introduced you to OAuth 2.0 and OAuth 2.0 is just a framework related to Authorization, that is, it only defines what resources a Client Application can use, in the access token, so that when requesting to the Resource Server, Resource Server will base on… Read More
Public clients like Native mobile applications or Single Page Applications cannot securely store Client Secret in Authorization Code grant type. Decode source of the mobile application or view source code of Single Page Application, we can see this Client Secret information. So OAuth introduces Proof… Read More
In OAuth 2.0, we can have many different types of Client Applications that users can use to access Resource Server’s resources. For example, we have native mobile applications, web applications including Single Page Application, console or backend applications, etc. These Client Applications will need to… Read More
The grant type is how OAuth 2.0’s Authorization Server can process and verify that the Client Application is eligible for access to the Resource Server. There are 5 types of grant types that OAuth 2.0 defines in its spec: Authorization Code Implicit Resource Owner Password… Read More
OAuth (Open Authorization) 2.0 is a standard that defines how third-party applications can access user information and resources related to this user in another application. It makes it possible for third-party applications to access resources without knowing the credentials of the user who owns those… Read More
