0% found this document useful (0 votes)
11 views2 pages

What Is Oauth2

Uploaded by

Diego Rayklash
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
11 views2 pages

What Is Oauth2

Uploaded by

Diego Rayklash
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

De cliente:

Liga a la aplicación
Datos del usuario a utilizar en la apicación
Usuarios necesarios a ambientar en desarrollo para realizar pruebas

De llave maestra
Client_id
 Client_secret
 Scope
 Atributos dentro del scope

What is the OAuth 2.0 Authorization Code grant?

This is the grant we are going to use to authenticate our users. In this particular
grant, FusionAuth generates and passes validated access tokens to the React app,
which then presents those tokens to the Express backend to gain access to the
requested resources. The tokens are never stored on the browser, but are instead
stored on the server. This is called the “backend for frontend” pattern, or BFF. If
you want to learn more, take a look at our Modern Guide to OAuth

Using an Authorization Code grant has many advantages, including being more secure
than alternatives such as the Implicit grant. Whereas an Implicit grant
authenticates against FusionAuth but exposes the resulting Access Token in the URL,
the Authorization Code grant adds an extra layer of security by exchanging an
Authorization Code for an Access Token before the user can gain access to their
resources. To see a deep dive into this grant that is language-agnostic, take a
look at our example Authorization Code grant.

Llamando a servicios (4):

1) Llamado a endpoint /authorize



 URL: https://gruposalinas-oie.oktapreview.com/oauth2/v1/authorize
 Parámetros:
o response_type : code
o client_id : “cadena proporcionada por llave maestra”
o redirect_uri: liga a la que será re direccionado el usuario después de un login
exitoso
(url proporcionada por el desarrollador)
o scope: “valor proporcionado por llave maestra”
o state : validacion (NOTA: Este valor es únicamente para el ambiente de desarrollo
y
cambiará una vez que se haga el pase a producción)

Ejemplo:
https://gruposalinas-
oie.oktapreview.com/oauth2/v1/authorize?
response_type=code&client_id=0oa2fd4bc1yG5YCHP1d
7&redirect_uri=http://localhost:8080/Camaxtli_OAuth/
&scope=openid+profile&state=validacion

You might also like