Roles (RFC 6749)
Resource owner
An entity capable of granting access to a protected resource.
End-user: a resource owner that is a person.
Resource server
The server hosting protected resources.
Capable of accepting and responding to protected resource requests using access tokens.
Client
An application makes requests for protected resources on behalf of the resource owner and with its authorization.
Authorization server
The server issues access tokens to the client after successfully authenticating the resource owner and obtaining its authorization for the client to access one of its resources.
Last updated