What is an Authorization Code Grant? OAuth 2.0

authorization code grant

An Authorization Code is a temporary code used by the client to exchange for an Access Token.

In OAuth 2.0, an Authorization Code Grant is used by confidential and public clients to exchange an authorization code for an Access Token. Once the user returns to the client via the redirect URL, the application receives the authorization code from the URL which is used to request an Access Token

OAuth Security:

Until the year 2019, OAuth 2.0 recommended using the PKCE extension for mobile and JavaScript apps, whereas in the latest spec, OAuth Security BCP now recommends using PKCE also for server-side apps.

Example of Authorization Code Grant URL:
&scope= postal_code
Request Parameters:
client_id  -> REQUIRED, it is the identifier for your app
scope  -> REQUIRED
response_type -> REQUIRED
redirect_uri  -> REQUIRED
code_challenge  -> RECOMMENDED
code_challenge_method  -> RECOMMENDED 
Copyright © Code2care 2024 | Privacy Policy | About Us | Contact Us | Sitemap