Oauth - Authorization Grant (Resource Owner Authorization|Authorization Credentials)
Table of Contents
About
An Authorization Grant is a credential representing the resource owner's authorization to access its protected resources.
The flow for each type of grant is expressed using grant type:
- one of four grant types
- or an extension grant type.
The authorization grant is used by the client to obtain an access token (except for the implicit one because there is no intermediate grant, the access token is issued directly).
Articles Related
Type
The Oauth specification defines four grant types.
| Grant type | Flow Type | Description |
|---|---|---|
| authorization code (preferable) | Oauth - Flow (Abstract Protocol Flow) | intermediate credentials, authentication of the client |
| implicit | Oauth - Flow (Abstract Protocol Flow) | no intermediate credentials, no authentication of the client, flow optimized for clients implemented in a browser using a scripting language (such as JavaScript) |
| resource owner password credentials | Oauth - Flow (Abstract Protocol Flow) | The client has access to the resource owner credentials during a single request to get an long-lived access token - therefore a high trust between client and resource owner is needed |
| client credentials | the client is also the resource owner or an authorization was previously arranged with the authorization server | |
| extensibility mechanism | for defining additional types |
The authorization grant type depends on:
- the method used by the client to request authorization
- and the grant types supported by the authorization server.
Management
Get
A grant is issued by the authorization endpoint