Implicit grant type falls under 3 legged OAuth? explanation why? @Anil Sagar @ Google @Siddharth Barahalikar
Implicit should fall under 3 legged OAuth. It is a simplified version of Authorization grant type.
3-legged means that an application acts on the direct behalf of a user.
2-legged scenarios there is no concept of a user. Typically this has to do with application-to-application solutions
Basic Implicit Steps involves,
Step 1 - Get the User's Authorization & Consent Page.(This step will result in a 302 redirect with token & expire details in callback URL.)
Step 2 - Extract the Access Token
Step 3 - Call the API
Interesting to know even password grant type falls under 3-legged
Implicit should fall under 3 legged OAuth. It is a simplified version of Authorization grant type.
3-legged means that an application acts on the direct behalf of a user.
2-legged scenarios there is no concept of a user. Typically this has to do with application-to-application solutions
Basic Implicit Steps involves,
Step 1 - Get the User's Authorization & Consent Page.(This step will result in a 302 redirect with token & expire details in callback URL.)
Step 2 - Extract the Access Token
Step 3 - Call the API
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |