Overview#

OAuth Confidential Client represents OAuth Clients capable of Authentication (proving its own Digital Identity) to the Authorization Server

OAuth Confidential Client MUST be capable of maintaining the confidentiality of their credentials (e.g., OAuth Clients implemented on a secure server with restricted access to the OAuth Clients credentials), or capable of secure OAuth Clients authentication using other means.

OAuth Confidential Clients instances MUST be able to perform OAuth 2.0 Client Registration and capable of properly securing Tokens and Credentials

More Information#

There might be more information for this subject on one of the following:

• Access Token
• Authorization Code
• Authorization Code Flow
• Claimed Https Scheme URI Redirection
• Custom URI scheme
• OAuth 2.0 Client Types
• OAuth 2.0 Incremental Authorization
• OAuth 2.0 Security Best Current Practice
• OAuth Public Client
• Proof Key for Code Exchange by OAuth Public Clients