Authorization code flow

Question

Authorization code flow

Closed this issue 8 years ago · 2 comments

HI matik12
Currently, this plugin supports implicit grant flow. Is there any way that I can do similar with Authorization code flow

Answer 1 · 2016-10-20T02:52:19.000Z

Unless I'm mistaken, authorization code flow is for server-server interactions. This is a SPA plugin for developing client software therefore no ACF.

Answer 2 · 2016-10-22T11:54:26.000Z

Hi brijan,

I am sorry for a late response. As PeterWone mentioned this plugin only supports implicit grant flow which is recommended for Single Page Application according to OAuth2 Authorization Framework specification. Authorization code flow can be used when flow is implemented on the server side (not client side code) because it requires to store secret key to obtain access token. This can be only secured when key is stored on the sever side.

If I can help with anything else, please just ask :)

Mat