Grant

From MgmtWiki
Revision as of 11:22, 26 August 2021 by Tom (Problems)


Full Title or Meme

An Authorization Grant is a specific structure that gives some entity on the internet authorization to access a Resource.

Context

In OAuth 2.0 an authorization grant is defined as:

An authorization grant is a credential representing the resource owner's authorization (to access its protected resources) used by the client to obtain an access token. This specification defines four grant types -- authorization code, implicit, resource owner password credentials, and client credentials -- as well as an extensibility mechanism for defining additional types.

Later usage extended grant types to cover authorization for users to access Resources, as well as User Consent for a Relying Party to access User Information.

Problems

Solutions

  1. Give Authorization Grants a short lifetime, such as 5 to 10 minutes, although this could create problems for long-running interactions with a Subject.
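
An added example (not from this wiki page or from any OAuth library): a minimal in-memory grant store that enforces the short lifetime suggested above and shows what a long-running interaction hits when the grant expires before it is redeemed. The class name `GrantStore`, the 300-second default, single-use redemption and the client binding are assumptions of this sketch.

```python
import hashlib
import secrets
import time


class GrantStore:
    """In-memory store for short-lived, single-use authorization grants (illustrative)."""

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self.ttl = ttl_seconds   # 300 s = 5 minutes, the low end of the range above
        self.clock = clock       # injectable so expiry can be exercised without sleeping
        self._grants = {}        # sha256(code) -> (client_id, subject, expires_at)

    @staticmethod
    def _key(code):
        # Keep only a digest so a dump of the store does not yield usable codes.
        return hashlib.sha256(code.encode()).hexdigest()

    def issue(self, client_id, subject):
        code = secrets.token_urlsafe(32)  # unguessable random grant value
        self._grants[self._key(code)] = (client_id, subject, self.clock() + self.ttl)
        return code

    def redeem(self, code, client_id):
        """Return the subject if the grant is valid; raise ValueError otherwise."""
        # pop() makes every grant redeemable at most once, even if redemption fails.
        entry = self._grants.pop(self._key(code), None)
        if entry is None:
            raise ValueError("unknown or already used grant")
        bound_client, subject, expires_at = entry
        if bound_client != client_id:
            raise ValueError("grant was issued to a different client")
        if self.clock() >= expires_at:
            raise ValueError("grant expired")
        return subject


if __name__ == "__main__":
    now = [0.0]  # constructed fake clock, in seconds
    store = GrantStore(ttl_seconds=300, clock=lambda: now[0])
    slow = store.issue("client-a", "alice")  # constructed client and subject names
    now[0] += 900  # a 15-minute interaction outlives the 5-minute grant
    try:
        store.redeem(slow, "client-a")
    except ValueError as err:
        print(err)
```

A Subject whose interaction outlasts the lifetime has to restart the authorization step, which is the trade-off the solution above describes.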

References