Resource Owner Password Credential : This is a simple grant type which does not have any redirect flow.Also, this flow does not authenticate the identity of the application, and relies on the redirect URI (that was registered with the service) to serve this purpose. The access token is given to the user-agent to forward to the application, so it may be exposed to the user and other applications on the user’s device. Implicit : This grant is similar to Authorization Code which is a redirection-based flow, however, the confidentiality of the access token is not guaranteed.
#LINKEDIN DATA API HOW TO#
"iHerb Login" mentioned in the previous article also use this grant type.) ** In this article I will focus on how to pass through OAuth2.0 with this grant type. Also, this method allows the best experience for Resource Owner to interact with web browser. Authorization Code **: the most commonly used types because it is optimized for server-side applications, where source code is not publicly exposed, and Client Secret confidentiality can be maintained.For detail, you can take a look on this documentation as reference) In general, OAuth2.0 supports 4 different types of authorization grant, including: (i.e. Understand the OAuth grant type supported If you need more scopes, you have to make a request and ask for approval from Linkedin. Linkedin only provide three limited scopes to your application when created. Be aware that social platform does not provide full scopes by default. OAuth 2.0 scopes: The scope determines which API types can be called in the platform.
Access Token Lifetime: The duration of the token lifetime.Client ID & Secret: The ID & password of your client app, and required during OAuth process.
0 kommentar(er)
