Communication endpoints

Authorization endpoint

Service provided by the OAuth server.

  • Authenticates the resource owner (the user).

  • Asks the resource owner to delegate access rights to its protected resources to the client.

  • Sends an authorization grant to the redirection endpoint.

Token endpoint

Service provided by the OAuth server.

  • Produces access tokens given an authorization grant.

  • It can also produce refresh tokens.

  • Refresh tokens can be used to get new tokens.

    • With an authorization grant.

Client authentication.

  • ClientID + ClientSecret + HTTP basic authentication.

Redirect endpoint

Service provided by the client.

  • It collects the authorization grant provided by the OAuth server.

  • It should be called by the OAuth server using an HTTP redirect.
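
Added example, not part of the original notes: the client side of the exchange described above, where the redirect endpoint collects the authorization grant and the client presents it to the token endpoint with ClientID + ClientSecret over HTTP basic authentication. It assumes the authorization code grant with a `state` parameter (RFC 6749); all URLs, codes and credentials are constructed sample values.

```python
import base64
import hmac
from urllib.parse import urlsplit, parse_qs, urlencode, quote_plus
from urllib.request import Request


def collect_grant(callback_url, expected_state):
    """Redirect endpoint (client side): extract the authorization code."""
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"][0])
    state = params.get("state", [""])[0]
    # A mismatched state means this redirect does not answer the
    # authorization request that this client session started.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]


def build_token_request(token_endpoint, code, redirect_uri,
                        client_id, client_secret):
    """Token endpoint request: grant in the body, client in HTTP Basic."""
    # RFC 6749 section 2.3.1: form-encode id and secret before Base64,
    # so a ':' inside the secret cannot be confused with the separator.
    userpass = quote_plus(client_id) + ":" + quote_plus(client_secret)
    basic = base64.b64encode(userpass.encode()).decode()
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
    }).encode()
    return Request(token_endpoint, data=body, method="POST", headers={
        "Authorization": "Basic " + basic,
        "Content-Type": "application/x-www-form-urlencoded",
    })


# Constructed sample values (assumptions, not from the original page).
CALLBACK = "https://client.example/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=xyz123"
code = collect_grant(CALLBACK, "xyz123")
req = build_token_request("https://as.example/token", code,
                          "https://client.example/cb",
                          "s6BhdRkqt3", "p@ss:word")
```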
