What is it?

OAuth 2.0 is a popular authorisation protocol that allows users to grant third-party applications access to their resources without revealing their usernames or passwords. It's a standard for secure access to APIs and shared online resources.

How does it work?

OAuth 2.0 has four main flows, or grant types. The DualShield Authorisation Server uses the Client Credential Grant Type.

There are a few key components:

Client Application: This is the application that wants to access a protected resource.

Resource Server: The API or service the client wants to access, using the access token

Authorisation Server: The server that authenticates the Client and issues access tokens (e.g. DualShield Authentication Server)

Access Token: A credential issued by the authorisation server that the client uses to access protected resources. Typically a JWT (JSON Web Token) consisting of a client ID and Client Secret.
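The exchange between these components, as an added example that is not DualShield's own code: the client builds a client credentials token request as defined in RFC 6749 section 4.4, validates the authorisation server's reply, and forms the header it presents to the resource server. The endpoint URL, client ID, secret and scope values are hypothetical placeholders.

```python
import base64
import time
from urllib.parse import quote_plus, urlencode

# Hypothetical endpoint, not a real DualShield URL.
TOKEN_URL = "https://auth.example.test/oauth2/token"

def build_token_request(client_id, client_secret, scope=None):
    """Return (url, headers, body) for a client credentials token request."""
    if not TOKEN_URL.startswith("https://"):
        raise ValueError("token endpoint must use TLS")
    # RFC 6749 section 2.3.1: form-encode each credential before Base64,
    # so a ':' inside the secret cannot be confused with the separator.
    creds = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    headers = {
        "Authorization": "Basic " + base64.b64encode(creds.encode()).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    params = {"grant_type": "client_credentials"}
    if scope:
        params["scope"] = scope
    return TOKEN_URL, headers, urlencode(params)

def parse_token_response(status, payload, now=None):
    """Validate the authorisation server's JSON reply; return (token, expiry)."""
    now = time.time() if now is None else now
    if status != 200:
        # Error replies carry an "error" code such as invalid_client.
        raise PermissionError(payload.get("error", "token request failed"))
    if payload.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    token = payload.get("access_token")
    if not token:
        raise ValueError("missing access_token")
    # expires_in is optional: assume 60 s if absent, and refresh 30 s early.
    return token, now + int(payload.get("expires_in", 60)) - 30

def resource_request_headers(token):
    """Header the client presents to the resource server (RFC 6750)."""
    return {"Authorization": "Bearer " + token}
```

The client secret travels only to the authorisation server; the resource server sees just the bearer token, so the secret should never appear in calls to the API itself.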



