Table of Contents
TABLE OF CONTENTS
ABOUT THIS DOCUMENT
GETTING STARTED
1 OVERVIEW
  1.1 OAUTH 2.0 OVERVIEW
  1.2 DEVELOPER CONSIDERATIONS
    1.2.1 Application Developer
    1.2.2 API Developer
APPLICATION DEVELOPER CONSIDERATIONS
2 GET A TOKEN
  2.1 OAUTH 2.0 GRANT TYPES
  2.2 AUTHORIZATION CODE GRANT
    2.2.1 Client Configuration
    2.2.2 Request authorization from user and retrieve authorization code
    2.2.3 Swap the authorization code for an access token
  2.3 IMPLICIT GRANT
    2.3.1 Client Configuration
    2.3.2 Request authorization from user and retrieve access token
  2.4 RESOURCE OWNER PASSWORD CREDENTIALS (ROPC)
    2.4.1 Client Configuration
    2.4.2 Request user authentication and retrieve access token
  2.5 CLIENT CREDENTIALS
    2.5.1 Client Configuration
    2.5.2 Request access token
  2.6 EXTENSION GRANTS (I.E. SAML BEARER)
    2.6.1 Client Configuration
    2.6.2 Request access token
3 REFRESH A TOKEN
4 USE A TOKEN
API DEVELOPER CONSIDERATIONS
5 VALIDATE A TOKEN
    5.1.1 Client Configuration
6 REFERENCES