<p>When your browser gets redirected by a website to a URL with a query parameter, the query string is also part of the request that your browser now sends to the host. Fragments are only evaluated locally by your web browser and are not included in the request to the host.</p>
<p>In the case of the <strong>Authorization Code Grant</strong>, where you typically have a web application that talks directly to a provider, sending the data to the host is exactly what you need:</p>
<ul>
<li>The web application redirects your browser to the provider, where you log in.</li>
<li>The provider now tells your browser a callback URL of the web application and appends an <em>authorization code</em>. This code has to be sent to the web application, so it is included as a query parameter in the request to the callback URL.</li>
<li>The web application now itself talks to the provider in the background and verifies with the <em>authorization code</em> that it is indeed allowed to query the provider for an <em>access token</em>.</li>
</ul>
<p>In the case of the <strong>Implicit Grant</strong>, you typically have some JavaScript application running directly in your browser. There's no need to pass any <em>authorization code</em> to the host, and in most cases there's also no need to send the <em>access token</em> to the host, as the JS in the browser can talk directly to the provider. This way you could, e.g., create a website on a server that uses information queried from another provider with consent from the user, where the server <em>never</em> gets access to any confidential data of the user. (In the case of a trusted website that doesn't send the <em>access token</em> to the server.)</p>
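<p>The query/fragment split described above, as an added example that is not part of the original text: it shows which callback parameters reach the host and flags an access token that was placed in the query string. The host <code>app.example.test</code>, the parameter values and the function names are constructed for illustration.</p>

```javascript
// Added example: constructed callback URLs, hypothetical host and values.

// What the browser puts on the wire for a URL: path + query only.
// The fragment (everything after '#') is dropped before the request is sent.
function requestTarget(redirectUrl) {
  const u = new URL(redirectUrl);
  return u.pathname + u.search;
}

// Split the callback parameters by who gets to see them.
function classifyCallback(redirectUrl) {
  const u = new URL(redirectUrl);
  // Query parameters travel to the host with the request.
  const sentToHost = Object.fromEntries(u.searchParams);
  // Implicit-grant responses carry their parameters in the fragment,
  // form-encoded like a query string, so the same parser applies.
  const browserOnly = Object.fromEntries(new URLSearchParams(u.hash.slice(1)));
  return { sentToHost, browserOnly };
}

// Defender's check: an access token in the query string reaches the host
// (and its access logs), which the fragment is meant to prevent.
function tokenLeaksToHost(redirectUrl) {
  return 'access_token' in classifyCallback(redirectUrl).sentToHost;
}

// Constructed sample redirects.
const codeGrant =
  'https://app.example.test/callback?code=SAMPLE_CODE&state=xyz';
const implicit =
  'https://app.example.test/callback#access_token=SAMPLE_TOKEN&token_type=bearer&state=xyz';
const misconfigured =
  'https://app.example.test/callback?access_token=SAMPLE_TOKEN&state=xyz';

for (const url of [codeGrant, implicit, misconfigured]) {
  const { sentToHost, browserOnly } = classifyCallback(url);
  console.log({
    onTheWire: requestTarget(url),
    sentToHost,
    browserOnly,
    tokenLeaksToHost: tokenLeaksToHost(url),
  });
}
```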
 
