Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering OAuth 2.0

You're reading from   Mastering OAuth 2.0 Create powerful applications to interact with popular service providers such as Facebook, Google, Twitter, and more by leveraging the OAuth 2.0 Authorization Framework

Arrow left icon
Product type Paperback
Published in Dec 2015
Publisher Packt
ISBN-13 9781784395407
Length 238 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Toc

Table of Contents (17) Chapters Close

Preface 1. Why Should I Care About OAuth 2.0? FREE CHAPTER 2. A Bird's Eye View of OAuth 2.0 3. Four Easy Steps 4. Register Your Application 5. Get an Access Token with the Client-Side Flow 6. Get an Access Token with the Server-Side Flow 7. Use Your Access Token 8. Refresh Your Access Token 9. Security Considerations 10. What About Mobile? 11. Tooling and Troubleshooting 12. Extensions to OAuth 2.0 A. Resource Owner Password Credentials Grant B. Client Credentials Grant C. Reference Specifications Index

Hybrid architectures


Mobile applications come in many shapes and sizes. As such, the architecture of your mobile application can be flexible as well. There is no reason why your application has to use a single authorization workflow, as is described in the preceding section. If you have a mobile application, and a backend server, you can create a hybrid architecture to leverage the best of both worlds.

Implicit for mobile app, authorization code grant for backend server

Most service providers support the idea of having a single client use multiple authorization flows. For example, Facebook supports a single client application using both the implicit grant flow and the authorization code grant flow. We can leverage this capability and use the most appropriate flow for the given task. For instance, if your application requires some non-sensitive data in a read-only manner, this can be made directly from your native mobile application via the implicit grant flow. Your application may also require...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime