Oauth - Flow (Abstract Protocol Flow)

1 - About

The abstract OAuth 2.0 flow describes the interaction between the four roles.

3 - Type

4 - Prerequisites

Before initiating the protocol (flow), the client must register with the authorization server

5 - Steps

5.1 - Direct

Flow when the client requests authorization from the resource owner directly.



<div class="mermaid">
    participant Cli as Client
    participant RO as Resource Owner
    participant AS as Authorization Server
    participant RS as Resource Server
    Cli->>RO: (A) Send a Authorization Request
    RO->>Cli: (B) Get a Authorization Grant
    Cli->>AS: (C) Send the Authorization Grant 
    AS->>Cli: (D) Get a Access Token
    Cli->>RS: (E) Send the Access Token 
    RS->>Cli: (F) Get the Protected Resource


5.2 - Indirect

A indirect flow is preferable and asks authorization to the authorization endpoint (ie authorization server) as an intermediary (between the client and the resource owner).

An indirect flow is a redirection based flow.


6 - Redirection-based

A redirection-based flow means that in the flow, the client (app) and/or the authorization server endpoints send feedback and directs the resource owner's user-agent (the end-user browser) to another destination via http redirection Any other method available via the user-agent than the HTTP 302 status code to accomplish this redirection is allowed and is considered to be an implementation detail.

The client must then be capable of:

All Redirection-based flow are indirect.

7 - Documentation / Reference

Data Science
Data Analysis
Data Science
Linear Algebra Mathematics

Powered by ComboStrap