Difference between revisions of "Client flow description"
Pavel.lobko (talk | contribs) m (Pavel.lobko moved page Client-flow-description to Client flow description without leaving a redirect) |
Pavel.lobko (talk | contribs) |
||
| Line 26: | Line 26: | ||
|[[i2Rest-client command#AUTHPW| User/OAuth2 client/dev passwd]] | |[[i2Rest-client command#AUTHPW| User/OAuth2 client/dev passwd]] | ||
|- | |- | ||
| − | |[[i2Rest-client command#TOKENURL| OAuth2 token endpoint]] || HTTP resource used by the client to | + | |[[i2Rest-client command#TOKENURL| OAuth2 token endpoint]] || HTTP resource used by the client to obtain an access token |
|- | |- | ||
|} | |} | ||
Revision as of 15:35, 14 April 2020
An application can request an access token using only its own credentials, the flow is pretty simple.
The flow consists of the following steps:
- (A) The client authenticates with the authorization server and requests an access token from the token endpoint.
- (B) The authorization server authenticates the client, and if valid, issues an access token.
Required parameters
| Parameter | Description |
|---|---|
| Authentication method | *OAUTH2C must be specified
|
| Command | Any of available request type can be choosen |
| API endpoint | HTTP resource to serve the request |
| Tokens storage | ??????? |
| User/OAuth2 client/device ID | Client Credentials to authenticate with authorization server |
| User/OAuth2 client/dev passwd | |
| OAuth2 token endpoint | HTTP resource used by the client to obtain an access token |
