{"id":1551,"date":"2022-07-25T09:08:25","date_gmt":"2022-07-24T21:08:25","guid":{"rendered":"https:\/\/www.ronella.xyz\/?p=1551"},"modified":"2024-04-11T14:23:21","modified_gmt":"2024-04-11T02:23:21","slug":"authorization-code-grant-type","status":"publish","type":"post","link":"https:\/\/www.ronella.xyz\/?p=1551","title":{"rendered":"Authorization Code Grant Type"},"content":{"rendered":"

The authorization code grant type is designed for confidential clients<\/strong> (e.g. websites with a server back end)<\/em> that can keep a secret. This type can request for offline_access<\/strong> scope (i.e. to request for refresh token)<\/em>.<\/p>\n

    \n
  1. \n

    Use the authorization end point to request the authorization code<\/strong> with the following query parameters:<\/p>\n

    response_type = code \nclient_id = the client unique code\nredirect_uri = redirection URL.\nstate = (Optional) value to echo to us.\nscope = (Optional) what permision wanted. If not specified, default permission will be given.\nresponse_mode = (Optional) query<\/code><\/pre>\n
    \n
    A login form will be displayed if not yet filled-up before.<\/p>\n<\/blockquote>\n
    Expected Response<\/strong><\/p>\n
    The redirect_uri with the following query parameters:<\/p>\n
    code = The authorization code\nstate = state value if given.<\/code><\/pre>\n<\/li>\n
  2. \n
    Use the token end point to do post request for the access token<\/strong> with the following headers:<\/p>\n
    Content-Type = application\/x-www-form-urlencoded\nAuthorization = Basic <CREDENTIAL><\/code><\/pre>\n
    And with the following parameters:<\/p>\n
    grant_type = authorization_code.\ncode = The authorization code from step 1.\nredirect_uri = The used from step 1.<\/code><\/pre>\n
    Expected Response<\/strong><\/p>\n
    Header<\/p>\n
    Content-Type: application\/json\n\n{\n\"access_token\" : <ACCESS_TOKEN>,\n\"token_type\" : \"Bearer\",\n\"expires_in\" : 3600,\n\"scope\" : <The scope allowed by the server>\n}<\/code><\/pre>\n<\/li>\n
  3. \n
    Call the API<\/strong> with the authorization header like the following syntax:<\/p>\n
    Bearer <ACCESS_TOKEN><\/code><\/pre>\n<\/li>\n<\/ol>\n
    Sample implementation can be found here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
    The authorization code grant type is designed for confidential clients (e.g. websites with a server back end) that can keep a secret. This type can request for offline_access scope (i.e. to request for refresh token). Use the authorization end point to request the authorization code with the following query parameters: response_type = code client_id = […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[77,23],"tags":[],"_links":{"self":[{"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1551"}],"collection":[{"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1551"}],"version-history":[{"count":5,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1551\/revisions"}],"predecessor-version":[{"id":1766,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=\/wp\/v2\/posts\/1551\/revisions\/1766"}],"wp:attachment":[{"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1551"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1551"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ronella.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1551"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}