Overview#

The Authorization Grant is sent the by Authorization Server to the OAuth Client in response to the successful Authorization Request.

The Resource Owner has to approve the Authorization Grant before the Authorization Server can successfully respond to the OAuth Client.

In OAuth 2.0 the Authorization Grant is an credential representing the Resource Owner's Delegation to the OAuth Client permitting access to the Resource Owner's protected resources on the Resource Server.

Authorization Grant then used by the OAuth Client to obtain OAuth Token Request from the Authorization Server.[1]

More Information#

There might be more information for this subject on one of the following:

• ACDC Grant type
• Abstract Protocol Flow
• Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants
• Assertion Parameter
• Authorization Code
• Authorization Code Flow
• Authorization Request
• Authorization_endpoint
• Client Credentials Grant
• Grant Types
• Hybrid Flow
• JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
• OAuth 2.0 Incremental Authorization
• OAuth 2.0 Protocol Flows
• OAuth 2.0 Token Revocation
• OAuth Token Request
• OpenAM Endpoints
• OpenID Connect
• OpenID Connect Flows
• Resource Owner Password Credentials Grant
• Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants
• Token_endpoint
• User-Managed Access

---

• [#1] - RFC 6749#section-1.3 - based on data observed:2015-05-18