Difference between revisions of "Grant"

From MgmtWiki
Jump to: navigation, search
(Context)
(Context)
Line 4: Line 4:
 
==Context==
 
==Context==
 
In [[OAuth 2.0]] an authorization grant is defined as:
 
In [[OAuth 2.0]] an authorization grant is defined as:
   An authorization grant is a credential representing the resource
+
   An authorization grant is a credential representing the resource owner's authorization (to access its protected resources) used by the
  owner's authorization (to access its protected resources) used by the
+
   client to obtain an access token.  This specification defines four grant types -- authorization code, implicit, resource owner password
   client to obtain an access token.  This specification defines four
+
   credentials, and client credentials -- as well as an extensibility mechanism for defining additional types.
  grant types -- authorization code, implicit, resource owner password
 
   credentials, and client credentials -- as well as an extensibility
 
  mechanism for defining additional types.
 
  
 
Later use extended grant types to include authorization for users to get access to [[Resource]]s as well as user [[Consent]] for a [[Relying Party]] to access [[User Information]].
 
Later use extended grant types to include authorization for users to get access to [[Resource]]s as well as user [[Consent]] for a [[Relying Party]] to access [[User Information]].

Revision as of 10:20, 29 July 2018

Full Title or Meme

An Authorization Grant is a specific structure that gives some entity on the internet authorization to access a Resource.

Context

In OAuth 2.0 an authorization grant is defined as:

  An authorization grant is a credential representing the resource owner's authorization (to access its protected resources) used by the
  client to obtain an access token.  This specification defines four grant types -- authorization code, implicit, resource owner password
  credentials, and client credentials -- as well as an extensibility mechanism for defining additional types.

Later use extended grant types to include authorization for users to get access to Resources as well as user Consent for a Relying Party to access User Information.

Problems

Solutions

References