OAuth Explained Part 2: Authorization Code Grant
In Part 1, I explained the OAuth protocol flow at a high-level. In this part, we will dive in to the most popular authorization grant type: the authorization code grant.
Grant Flow The authorization code grant is a redirection-based flow:
The client redirects the resource owner’s user agent (hereafter, we’ll just say “browser”) to the authorization server. The authorization server authenticates the user. The authorization server asks the resource owner for consent to give the client access to the protected resources.
Read more