Oauth - Authorization Server

> Software Security > (Authentication|Access control|Identification) - AuthN > Oauth 2.0 - Authorization framework

1 - About

Authorization Server is one of the 4 oauth role.

The server issuing access tokens to the client after successfully authenticating the resource owner and obtaining authorization.

Advertising

3 - Implementation

The authorization server may be:

The interaction between the authorization server and resource server is beyond the scope of the Oauth specification.

The authorization server SHOULD NOT make assumptions about the client type.

The authorization server MUST first verify the identity of the resource owner. The way in which the authorization server authenticates the resource owner (e.g., username and password login, session cookies, ...) is beyond the scope of the Oauth specification.

3.1 - Endpoint

4 - Library / Software

security/auth/oauth/authorization_server.txt · Last modified: 2019/05/11 17:40 by gerardnico