Usage of the authorization server

This chapter covers a number of common use cases that can help to understand how an authorization server is intended to be used:

Authorization code flow use case with requests and responses.

See article Authorization code flow usage.

Client credentials grant use case with:

  1. Dynamic client registration

    2. and

  2. a request of an access token for the newly registered client.

    3. See article Client credentials grant usage example.

A use case where the client has an access token and uses it to:

  1. access an IAM resource

    2. and

  2. executes token introspection.

See article Resource access with token usage.

Use case where a resource forces a client to re-authenticate the user with 2nd factor only.

See article Forced user re-authenticate.

Various other use cases of the session management endpoint.

See article Session management usage.