!!! Overview
When the [OAuth Client] [Redirect URI|Redirect_uri] is accessed, the [OAuth Client] connects directly to the [Authorization Server] and creates [{$pagename}] which varies depending on the [Grant Type] but could include:
* [grant_type] - __REQUIRED__ Value various depending on the [Authorization Request]
* [code|Authorization Code] - __REQUIRED__ The authorization code received from the [Authorization Server] which includes any Resource Owner (user) "Authorized" [OAuth Scopes]
* [redirect_uri] - if the "redirect_uri" parameter was included in the [Authorization Request] and their values __MUST__ be identical.
* [client_id] - __REQUIRED__ if the client is not authenticating with the [Authorization Server] as described in Section 3.2.1.
* [Client Secret] __REQUIRED__
* "Requested" [OAuth Scopes]

!! Extended Request Parameters
* [code_challenge] __REQUIRED__ ([Proof Key for Code Exchange by OAuth Public Clients]) - for [Proof Key for Code Exchange by OAuth Public Clients]
* [code_challenge_method] - __OPTIONAL__ ([Proof Key for Code Exchange by OAuth Public Clients]) - defaults to "plain" if not present in the request.  Code verifier transformation method, "S256" or "plain".
* [resource|Resource Parameter] - __OPTIONAL__ ([Resource Indicators for OAuth 2.0]) - The value of the "resource" parameter indicates a resource server where the requested access token will be used.

The [Proof Key for Code Exchange by OAuth Public Clients] specification adds additional parameters ([code_challenge] and [code_challenge_method] to the [OAuth 2.0] [Authorization Request] and [Access Token Requests],

The [OAuth Client] then submits the [{$pagename}] to the [token_endpoint]
 
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]