Client Credentials Grant Flow

Server-to-server authentication using Oauth2 and the Client credentials grant flow may be supported using these steps. Other flows may also be supported in a similar flow. User-authentication using Oauth2 and OpendId is described here.

1. Set up the call to obtain the "token" using the client secret, storing the result in transient classes as shown on the right:



2. Set up a server-side ViewModel to refresh the token before expiry, using criterias (as an example) as shown below.


2. Pass the "token" in all subsequent calls:


Please note that even though Oauth2 is standard, the naming conventions of all parameters may differ - these names worked using an Identity Server 4.

This page was edited 29 days ago on 06/17/2024. What links here