Scribd
Upload
75 views1 page

Diagram PDF

The OAuth authentication flow involves a user being directed from a consumer to a service provider to authorize access for the consumer. The consumer first requests a request token from the service provider, then directs the user to the service provider to authorize the request token. If authorized, the service provider directs the user back to the consumer, who can then exchange the authorized request token for an access token to access protected resources from the service provider.

Uploaded by

Rodrigo Románovich Fiodorovich
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
75 views1 page

Diagram PDF

The OAuth authentication flow involves a user being directed from a consumer to a service provider to authorize access for the consumer. The consumer first requests a request token from the service provider, then directs the user to the service provider to authorize the request token. If authorized, the service provider directs the user back to the consumer, who can then exchange the authorized request token for an access token to access protected resources from the service provider.

Uploaded by

Rodrigo Románovich Fiodorovich
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

OAuth Authentication Flow

Service Provider

Direct User to
Service Provider

B
C

Grant
Request Token

Obtain User
Authorization

Direct User to
Consumer

Request
Access Token

D
E

Grant
Access Token

Obtain Unauthorized
Request Token

User Authorizes
Request Token

Request
Request Token

Person Using Web Browser


or Manual Entry

Service Provider Grants


Request Token

Consumer Directs User to


Service Provider
Request includes
oauth_token (optional),
oauth_callback (optional).
Service Provider Directs
User to Consumer
Request includes
oauth_token (optional).

G
Consumer/Service Provider

Request includes
oauth_consumer_key,
oauth_signature_method,
oauth_signature,
oauth_timestamp,
oauth_nonce,
oauth_version (optional).

Access Protected
Resources

Consumer Requests
Request Token

Consumer Requests
Access Token
Request includes
oauth_consumer_key,
oauth_token,
oauth_signature_method,
oauth_signature,
oauth_timestamp,
oauth_nonce,
oauth_version (optional).

Response includes
oauth_token,
oauth_token_secret.
Exchange Request Token
for Access Token

Consumer

Service Provider
Grants Access Token
Response includes
oauth_token,
oauth_token_secret.

Consumer Accesses
Protected Resources
Request includes
oauth_consumer_key,
oauth_token,
oauth_signature_method,
oauth_signature,
oauth_timestamp,
oauth_nonce,
oauth_version (optional).

You might also like