O'Reilly logo

OAuth 2.0 Identity and Access Management Patterns by Martin Spasovski

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Requesting authorization

We'll assume that the client application is already registered with the authorization server, and the client developer gets the required data from the server, such as authorization endpoint and client identification.

The client application constructs the request, using the specified endpoint and the needed parameters and, for example, we may have the following form:

https://api.example-service.com/oauth/authorize?response_type=token&client_id=CLIENT_ID_EXAMPLE&redirect_uri=REDIRECT_ENDPOINT_EXAMPLE

The parameters that are used when constructing the request are as follows:

  • response_type: This is a mandatory parameter, and its value must be set to token
  • client_id: This is a mandatory parameter used for client identification ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required