OAuth - Public client

Oauth

OAuth - Public client

About

A public client is a client that has a public type.

It means that you are not the administrator of the computer whereas with a confidential (private) client you are.

A bad agent can scan your application in order to find authentication/authorization material.

With an authorization code grand, PKCE is recommended for public client

List




Discover More
Oauth
OAuth - Implicit Grant and flow

The implicit grant is a grant type (flow) that issued directly an access token. (It does not support the issuance of refresh tokens). This grant type is called implicit, as no intermediate credentials...
Oauth
Oauth - Client (App)

client is one of the 4 roles of the Oauth specification. In its most basic form, it's a web site used by a end-user. In more details, it's is a (first-party or third party service application making...
Oauth
Oauth - Client Authentication

authentication method for a client in Oauth. The client MUST NOT use more than one authentication method in each request. Client authentication is used for: Enforcing the binding of refresh tokens...
Oauth
Oauth - Confidential Client

Confidential client are client (app) that have a confidential type (ie private) If a client is confidential, it's not a public client such as a web server, see
Oauth
Oauth - Native application

A native application is a public client installed and executed on the device used by the resource owner (ie end user). Protocol data and credentials are accessible to the resource owner. It is assumed...
Oauth
Oauth - Web Browser / User-agent-based application

A user-agent-based application is a public client in which the client code (generally javascript) is downloaded from a web server and executes within a user-agent (e.g., web browser) on the device used...
Oauth
Proof Key For Code Exchange (PKCE) flow

OAuth 2.0 public clients (ie browser) utilizing the Authorization Code Grant are susceptible to the authorization code interception attack. Proof Key for Code Exchange by OAuth Public Clients (PKCE) ...



Share this page:
Follow us:
Task Runner