- The authorization code grant type is used to obtain both accesstokens and refresh tokens and is optimized for confidential clients.Since this is a redirection-based flow, the client must be capable ofinteracting with the resource owner’s user-agent (typically a webbrowser) and capable of receiving incoming requests (via redirection)from the authorization server.
- The implicit grant type is used to obtain access tokens (it does notsupport the issuance of refresh tokens) and is optimized for publicclients known to operate a particular redirection URI. These clientsare typically implemented in a browser using a scripting languagesuch as JavaScript.
Authorization code grant 和 Implicit grant 有什么区别?
最新推荐文章于 2022-04-16 19:34:43 发布