atkayla
Reputation: 8849
OAuth2 difference between callback url and redirect url?
I am confused how OAuth2 takes you through an entire flow and redirects you back to the page.
For example, I have an auth endpoint: /auth/authorize, callback endpoint /auth/callback,
and token endpoint: /auth/token
/auth/authorize gives back the authorize code, redirects to the /auth/callback?code=mycode, but how does this smoothly grab the access_token and redirect the user to the original page?
Should my /auth/callback redirect to my /auth/token or something? And then /auth/token redirects back to the page?
Upvotes: 13
Views: 37479
Answers (1)
Ms. Zia
Reputation: 489
This might will help you in understanding the flow:
Reference: https://techannotation.wordpress.com/2015/06/17/spring-oauth2-with-authorization-code/
Upvotes: 14
Related Questions
- What is the purpose of redirect_uri parameter when exchanging code for access token
- OAuth 2.0 - Does the authorization server directly send the auth code to the redirect URI that the user specified?
- Google Drive OAuth2 - confused about callback and redirect URI
- What's a redirect URI? how does it apply to iOS app for OAuth2.0?
- When redirect_uri may be omitted in oauth authorization request?
- oauth2 redirect uri. Passing data back to the client
- Why do we need to specify redirect uri two times while using Oauth2
- Oauth2 server redirect URI
- OAuth Redirect URL
- OAuth2: Why do we need redirect URI for user agent