O'Reilly logo

Mastering Modern Web Penetration Testing by Prakhar Prasad

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Receiving grants

OAuth 2.0 basically allows a third party website to access a limited or selective set of user information on a particular website. There are different kinds of authorization flows, two common ones of which are as follows:

  • Authorization grant
  • Implicit grant

We'll have a look at them in the following sub-sections.

Authorization grant

An authorization grant consists of an authorization link, which looks like the following:

https://www.example.com/oauth/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=CALLBACK_URL&scope=read

Let's break down the different components here:

  • response_type: When set to code, the OAuth authorization server expects the grant to be of authorization grant type
  • client_id: This is the client ID/app ID of ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required