oauth tutorial - OAuth User Agent - oauth2 tutorial - oauth authentication




What is User Agent in OAuth 2.0?

oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  oauth2 implicit  -   oauth response type -  google oauth 2  - what is oauth , saml vs oauth , oauth tutorial
  • The user agent application is used by the client application acts as the scripting language such as JavaScript which is running in a browser.
  • The user agent application is used for instance where JavaScript application is running in a browser.
  • A user agent application may be stored on a web server, but the application is only running in the user agent once it is downloaded.
  • We can store the user agent application which is done on the web server.
  • The following diagram shows the architecture of the public client user agent application.
 learn oauth tutorial - oauth user agent - oauth example

learn oauth tutorial - oauth user agent - oauth example

Description of the example

  • First, the user accesses the resources of the resource owner by using authenticating application such as Google, Facebook, Twitter, etc.
  • Then, the resource owner provides the client Id and client password to log on to the public client user agent application.
  • Then, the public client user agent application provides an instance of a JavaScript application running in a browser and links to the web hosting client.
  • The authorization server allows access to the resources from the resource server using the client credentials.
  • The resource server contains the resources, which are owned by the resource owner.
  • The web hosting client is used by public client application that resides on the computer.
  • It’s also used by public client apps running in a browser using a scripting language such as JavaScript.
  • These public client apps can protect user secrets and apps are widely distributed and also the client secret can’t be confidential.
  • The resource server uses the username-password authentication flow to authenticate when the customer already has the user’s credentials.
 learn oauth tutorial - oauth user agent application and salesforce - oauth example

learn oauth tutorial - oauth user agent application and salesforce - oauth example

  • In this diagram, the user’s credentials are used by the application to request an access token
  • The application uses the user username and password to request an access token.
  • This is done through an out-of-band POST request to the appropriate Salesforce token request endpoint,
  • Salesforce verifies the user credentials, and if it is successful, it sends a response to the application with the access token.
  • The application uses the provided access token to access protected user data which is given
  • The Web server authentication flow and user-agent flow provide a refresh token which can be used to obtain new access token.
  • Access tokens have a limited lifetime which is specified by the session timeout in Salesforce.
  • If the application uses an expired access token, a “Session expired or invalid” error is returned.
  • If the application is using the Web server or user-agent authentication flows, a refresh token is provided during the authorization which can be used to get a new access token.

Related Searches to OAuth User Agent

Adblocker detected! Please consider reading this notice.

We've detected that you are using AdBlock Plus or some other adblocking software which is preventing the page from fully loading.

We don't have any banner, Flash, animation, obnoxious sound, or popup ad. We do not implement these annoying types of ads!

We need money to operate the site, and almost all of it comes from our online advertising.

Please add wikitechy.com to your ad blocking whitelist or disable your adblocking software.

×