OAuth - Authorization Code

Oauth

About

An authorization code is an intermediate credential used in the authorization code flow to retrieve an access token.

It is a short-lived shared secret: because it is passed back to the client in the query parameters of the redirection URL, it will be leaked (written) into the web server's log of that HTTP request.

Example

https://example.com/redirection/path?code=AUTHORIZATION_CODE&state=xxxxx

where:

Example of a value:

code=4/0AX4XfWhcZSdBvBXanPSGA5VYYjz0_gwFtRLB2csaJ4K_ym6BS4QBTBq4hysO4oKyp0AinA

Security Benefits

The authorization code provides a few important security benefits, such as:

  • because it is passed back to the client in the query string of a URL, this code can be leaked into an HTTP request log file, which is why it is given a short lifespan. (The client then asks, via a secure Ajax request, for the real authentication material.)
  • the ability to authenticate the client,
  • the transmission of the access token directly to the client without passing it through the resource owner's user-agent and potentially exposing it to others, including the resource owner.
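The properties listed above (a code that lands in a web log, a client that must authenticate to exchange it, and an access token that only travels over the back channel) can be seen in a small model of the exchange. The following is an added example, not code from the page or from any OAuth library: it parses a redirection URL of the form shown above, checks the `state` value, and exchanges the code with a toy authorization server. The class names, the 60-second code lifetime, the client registration and the access-log line are all constructed for this illustration.

```python
"""Toy model of the OAuth 2.0 authorization-code exchange (added example).

It shows why a code copied out of a web access log is of little use: the
code is single-use, expires quickly, is bound to one client and redirect
URI, and the client must authenticate to exchange it. All names, the
lifetime and the sample log line are assumptions made for this example.
"""
import hashlib
import secrets
from dataclasses import dataclass
from urllib.parse import parse_qs, urlparse

CODE_LIFETIME_SECONDS = 60  # assumed lifetime; RFC 6749 recommends at most ~10 minutes


def parse_redirect(url: str) -> dict:
    """Pull `code` and `state` out of the redirection URL the user-agent followed."""
    query = parse_qs(urlparse(url).query)
    return {"code": query.get("code", [None])[0], "state": query.get("state", [None])[0]}


@dataclass
class IssuedCode:
    client_id: str
    redirect_uri: str
    issued_at: float
    used: bool = False


class AuthorizationServer:
    """Minimal authorization server: issues codes and exchanges them for tokens."""

    def __init__(self):
        self._codes = {}  # sha256(code) -> IssuedCode; only a digest is stored
        self._clients = {"app-123": "client-secret-xyz"}  # constructed client registration

    def issue_code(self, client_id: str, redirect_uri: str, now: float) -> str:
        code = secrets.token_urlsafe(32)
        digest = hashlib.sha256(code.encode()).hexdigest()
        self._codes[digest] = IssuedCode(client_id, redirect_uri, now)
        return code

    def exchange(self, code: str, client_id: str, client_secret: str,
                 redirect_uri: str, now: float) -> str:
        # 1. Authenticate the (confidential) client: the second benefit on the page.
        registered = self._clients.get(client_id)
        if registered is None or not secrets.compare_digest(registered, client_secret):
            raise PermissionError("invalid_client")
        # 2. The code must exist, belong to this client and match the redirect URI it was issued for.
        entry = self._codes.get(hashlib.sha256(code.encode()).hexdigest())
        if entry is None or entry.client_id != client_id or entry.redirect_uri != redirect_uri:
            raise PermissionError("invalid_grant")
        # 3. Short lifetime and single use: a code read from a log is stale or already spent.
        if entry.used or now - entry.issued_at > CODE_LIFETIME_SECONDS:
            raise PermissionError("invalid_grant")
        entry.used = True
        # 4. The access token is returned on this back channel only; it never appears in
        #    the user-agent's URL, which is the third benefit on the page.
        return "at-" + secrets.token_urlsafe(32)


def demo() -> dict:
    """Run the flow once, then show that replay and an expired code are rejected."""
    server = AuthorizationServer()
    now = 1_700_000_000.0  # fixed clock so the run is deterministic
    client_id, secret = "app-123", "client-secret-xyz"
    redirect = "https://example.com/redirection/path"
    expected_state = "xxxxx"  # value the client stored in the user's session before redirecting

    code = server.issue_code(client_id, redirect, now)
    # Constructed access-log line from the client's web server: this is where the code leaks.
    log_line = (f'203.0.113.7 - - [01/Jan/2024:00:00:00 +0000] '
                f'"GET /redirection/path?code={code}&state={expected_state} HTTP/1.1" 200 512')
    request_path = log_line.split('"')[1].split()[1]
    params = parse_redirect("https://example.com" + request_path)

    results = {"state_ok": secrets.compare_digest(params["state"], expected_state)}
    results["first_exchange"] = server.exchange(params["code"], client_id, secret, redirect, now + 1)
    try:  # someone replaying the logged code a moment later
        server.exchange(params["code"], client_id, secret, redirect, now + 2)
        results["replay"] = "accepted"
    except PermissionError as err:
        results["replay"] = str(err)
    stale = server.issue_code(client_id, redirect, now)
    try:  # an unused code found in an old log, past its lifetime
        server.exchange(stale, client_id, secret, redirect, now + CODE_LIFETIME_SECONDS + 1)
        results["expired"] = "accepted"
    except PermissionError as err:
        results["expired"] = str(err)
    return results


if __name__ == "__main__":
    print(demo())
```

The `state` comparison is the client's defence against a code being injected into its redirection endpoint, and storing only a digest of the code means a dump of the server's table does not yield usable codes; a production server would additionally revoke any tokens already issued for a code when it sees that code replayed.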
