Chapter 6. OAuth 2.0 in the real world

This chapter covers

  • Using different OAuth grant types for different situations
  • Dealing with native web and browser-based applications
  • Handling secrets at configuration time and runtime

So far in this book, we’ve covered OAuth 2.0 in a fairly idealized state. All the applications look the same, all the resources look the same, and everybody does things the same way. Our extensive example in chapter 2 covered the authorization grant protocol, using a web application with a client secret. All of our exercises in chapters 3, 4, and 5 have made use of the same setup.

Making simplifying assumptions like this is a good way to learn about the fundamentals of a system, but of course the applications we all build ...
