The following OAuth 2.0 parameters are used for the Implicit Grant; see the OAuth 2.0 RFC for further details.
Name | Value | Comments |
---|---|---|
client_id | clientId | |
response_type | token | identifies an implicit grant request |
state | xyz | |
scope | customer, employee | |
redirect_uri | https://this.is.your.redirect.url/ | |
The OAuth 2.0 Implicit Grant is initiated using the following request by the Client to the Authorization Server. Please note that the parameter values are URL-encoded.
https://your.airlock-iam.com/auth-login/oauth2/clientId?response_type=token&client_id=clientId&state=xyz&scope=customer%2Cemployee&redirect_uri=https%3A%2F%2Fthis.is.your.redirect.url%2F
Note that the client id appears both in the URL path and as the URL parameter "client_id".
After issuing this request, the user is asked to authenticate (e.g. using username and password).
After successful authentication, the user is asked to grant a selection of the requested scopes.
(This consent page can be disabled by configuration, in which case all requested scopes that match the user's roles are granted automatically.)
Assuming the user granted the scope "employee", an access token is issued by sending the following redirect to the user:
https://this.is.your.redirect.url/#access_token=tester1.m4hFcbSSoCgNxQGYBrkpXUl0WvTiwXgNDaMfaDrA&scope=employee&state=xyz&token_type=Bearer&expires_in=180
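As an added example (not Airlock IAM code), the following browser-side JavaScript builds the authorization request shown above and parses the fragment of the redirect; the function names are made up, and the hostnames, client id, state and token values are the ones from this page.

```javascript
// Added example: build the Implicit Grant request URL and parse the redirect
// fragment. Values are those from the page; nothing here is Airlock IAM code.
const IAM_BASE = "https://your.airlock-iam.com/auth-login/oauth2";

// Build the authorization request. The client id goes into both the URL path
// and the client_id parameter; scope is a comma-separated list. URLSearchParams
// percent-encodes the values (',' -> %2C, ':' -> %3A, '/' -> %2F).
function buildImplicitGrantUrl({ clientId, state, scopes, redirectUri }) {
  const params = new URLSearchParams({
    response_type: "token",
    client_id: clientId,
    state,
    scope: scopes.join(","),
    redirect_uri: redirectUri,
  });
  return `${IAM_BASE}/${encodeURIComponent(clientId)}?${params.toString()}`;
}

// Parse the redirect sent by the Authorization Server. The token is carried in
// the URL fragment (after '#'), which the browser never sends to the redirect
// server. Reject the response if the state does not match the value the client
// generated (CSRF / replayed redirect) or if no bearer token is present.
function parseImplicitGrantRedirect(redirectUrl, expectedState) {
  const url = new URL(redirectUrl);
  const frag = new URLSearchParams(url.hash.replace(/^#/, ""));
  if (frag.has("error")) {
    throw new Error(`authorization failed: ${frag.get("error")}`);
  }
  if (frag.get("state") !== expectedState) {
    throw new Error("state mismatch: possible CSRF or replayed redirect");
  }
  if (!frag.get("access_token") || frag.get("token_type") !== "Bearer") {
    throw new Error("no bearer access token in fragment");
  }
  return {
    accessToken: frag.get("access_token"),
    // The granted scope may be a subset of what was requested (here: employee only).
    grantedScopes: (frag.get("scope") || "").split(",").filter(Boolean),
    expiresIn: Number(frag.get("expires_in")),
  };
}
```

The built URL matches the request above byte for byte, and parsing the redirect above yields the "employee" scope with a 180-second lifetime.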