CLASS 07

REVIEW, RESEARCH AND DISCUSS

• HOME

• Register your application to get a client_id and client_secret.

• Ask the client if they want to sign in via a third party

• Redirect to a third party authentication endpoint

• Make a request to a third-party API endpoint

• Receive authorization code

• Make a request to the access token endpoint

• Receive access token

What can you do with an authorization code?

• The authorization code is the code the user sends to get the token.

What can you do with an access token?

• access tokens are a way to authenticate the user.

What’s a benefit of using OAuth instead of your own basic authentication?

TERMS:

• ClientID

• is a public the identifier of the app.

• Client Server

• Authentication Endpoint

• is the request sent to the client for logging purposes

• Access Token Endpoint

• is used by the application to get an access token from the client

• API Endpoint

is just an end point of communication channel

• Authorization code

• the authorization code grant is used when an application exchanges an authorization code for an access token

• Access token

• access tokens are the thing that applications use to make API requests on behalf of a user

access token

HOME