OAuth2
authorization
授權
授予使用者何種存取權限等級
2023-11-08 Sign-in with OOO ID : O3noBLOG
draft-sakimura-oauth-wmrm-00
Openid-specs-ab IDP IFrame Specification
2023-10-05 仕様が読めるようになるOAuth2.0、OpenID Connect 入門 - Speaker Deck
OIDC
2024-11-17 手を動かしながらOAuth2/OIDC認可フローを学ぶ(Cognito) #AWS - Qiita
OAuth 2.0の認可エンドポイントにおける脆弱な実装例と対策について考える #Security - Qiita
https://github.com/shyuan/awesome-oauth-oidc
@alexxubyte: OAuth 2.0 Flows
Authorization Code Flow: The most common OAuth flow. After user authentication, the client receives an authorization code and exchanges it for an access token and refresh token.
Client Credentials Flow: Designed for single-page applications. The access token is returned directly to the client without an intermediate authorization code.
Implicit Code Flow: Designed for single-page applications. The access token is returned directly to the client without an intermediate authorization code.
Resource Owner Password Grant Flow: Allows users to provide their username and password directly to the client, which then exchanges them for an access token.
Over to you - So which one do you think is something that you should use next in your application?
–
Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): https://bit.ly/3KCnWXq
https://pbs.twimg.com/media/F4oLJFIWEAAI8yg.jpg
https://youtu.be/T0h6A-M_WmI
2018-11-14