!!! Overview
[{$pagename}] describes the sequences for requests and responses as "Flows" of data for the various [Grant Types].


[{$pagename}] are a set of steps that allow [OAuth Client] to obtain [token](s) from [Authorization Server]/[OpenID Connect Provider] through [Endpoints]. 

[{$pagename}] describes the [life cycle] of any [Authorization Request]/[Authentication Request]. A successful outcome provides the [OAuth Client] with an [Access_token].

Many of the [{$pagename}] are described within [Grant Types] and requested by using the [grant_type] [Authorization Request].

The use of [{$pagename}] has largely been replaced by [Authorization Grant] in recent (2017-06) [OAuth 2.0] and [OpenID Connect] documents.

!! [{$pagename}] and [Security]
Where Higher Numbers are better:
%%zebra-table
%%sortable
%%table-filter
||Level||[Authorization Grant]||Remarks||[Client|OAuth Client] Options
|4|[Hybrid Flow]|[Authorization Request] Protected|[request_object_encryption_alg] \\ [request_object_signing_alg]
|3|[Hybrid Flow]|[Authorization Response] Protected|[id_token_encrypted_response_alg] \\ [id_token_signed_response_alg]
|2|[Code Flow|Authorization Code Flow]|[Client|OAuth Client] [Authentication]|[token_endpoint_auth_method]=[private_key_jwt] \\ [token_endpoint_auth_method]=[client_secret_basic]
|1|[Implicit Flow]|NO [Client|OAuth Client] [Authentication]|none
|0|[Implicit Flow] / [Code Flow|Authorization Code Flow]|NO [Integrity]|Without [id_token], missing [nonce] and [at_hash]
/%
/%
/%


!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]