Oauth - Authorization Grant (Resource Owner Authorization|Authorization Credentials)


An Authorization Grant is a credential representing the resource owner's authorization to access its protected resources.

The flow for each type of grant is expressed using grant type:

  • one of four grant types
  • or an extension grant type.

The authorization grant is used by the client to obtain an access token (except for the implicit one because there is no intermediate grant, the access token is issued directly).


The Oauth specification defines four grant types.

Grant type Flow Type Description
authorization code (preferable) Oauth - Flow (Abstract Protocol Flow) intermediate credentials, authentication of the client
implicit Oauth - Flow (Abstract Protocol Flow) no intermediate credentials, no authentication of the client, flow optimized for clients implemented in a browser using a scripting language (such as JavaScript)
resource owner password credentials Oauth - Flow (Abstract Protocol Flow) The client has access to the resource owner credentials during a single request to get an long-lived access token - therefore a high trust between client and resource owner is needed
client credentials the client is also the resource owner or an authorization was previously arranged with the authorization server
extensibility mechanism for defining additional types

The authorization grant type depends on:



A grant is issued by the authorization endpoint

Powered by ComboStrap