book

Getting Started with OAuth 2.0

by Ryan Boyd

February 2012

Beginner to intermediate

78 pages

2h 13m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Content preview from Getting Started with OAuth 2.0

Limitations of the Implicit Grant Flow

The Implicit Grant flow does not accommodate refresh tokens. If the Authorization server expires access tokens regularly, your application will need to run through the authorization flow whenever it needs access.

Some API providers, such as Google, will not reprompt the user for access if the user remains logged in and has approved the required scopes previously. The application can do this “refresh” process in the background as an iframe without any impact on the user experience.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

OAuth 2 in Action

Justin Richer, Antonio Sanso

Advanced API Security: OAuth 2.0 and Beyond

Prabath Siriwardena

Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0

Yvonne Wilson, Abhishek Hingnikar

Solving Identity Management in Modern Applications: Demystifying OAuth 2, OpenID Connect, and SAML 2

Yvonne Wilson, Abhishek Hingnikar

Publisher Resources

ISBN: 9781449317843Errata Page Supplemental Content