OAuth2.0 Grants — Cheatsheet for WSO2 Identity Server

Dinali Rosemin Dabarera
4 min readDec 17, 2020

WSO2 Identity Server (IAM) is a fully OAuth2.0 and OpenID Connect compliant CIAM product that lets users experience Single Sign-On with OpenID Connect and delegate access to resources through OAuth2.0.

This blog gives you a simpler view of the most commonly used grant types and shows how to try them out even without an actual sample application such as the playground app.

To try out these grant types you first need to register an OAuth2.0/OpenID Connect application in WSO2 Identity Server with a test callback URL and obtain its client ID and client secret — refer to https://is.docs.wso2.com/en/5.11.0/learn/configuring-single-sign-on-oidc/

SP name — test-sp

Callback — http://testsp/callback

Main Grant Types and Their Request Formats

Authorization Code Grant

This grant involves two requests.

1. Browser request: paste this sample request into the browser, authenticate, and copy the authorization code from the `code` query parameter of the redirect to your callback URL; it is used in the second (curl) request.

https://localhost:9443/oauth2/authorize?response_type=code&client_id=<client-id>&nonce=oidc&redirect_uri=<call-back url>&scope=openid

Adding scope=openid makes the token response of the second request include an ID token.

2. Back-channel request: curl command

curl -k -v --user…
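The two requests above, carried out as a small Python client rather than by hand. This is an added example, not code from the post or from WSO2: it assumes the default WSO2 IS endpoints at https://localhost:9443/oauth2/authorize and /oauth2/token, a registered client ID and secret, and the callback URL from the post, and it adds a `state` check on the redirect so a code from a different login is rejected.

```python
import base64
import json
import ssl
import urllib.request
from urllib.parse import parse_qs, urlencode, urlparse

# Endpoints of a default WSO2 Identity Server install (host and port from the post).
AUTHZ_ENDPOINT = "https://localhost:9443/oauth2/authorize"
TOKEN_ENDPOINT = "https://localhost:9443/oauth2/token"


def build_authorize_url(client_id, redirect_uri, state, nonce, scope="openid"):
    """Request 1 (browser). scope=openid makes the token response carry an id_token."""
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "scope": scope,
              "state": state, "nonce": nonce}
    return AUTHZ_ENDPOINT + "?" + urlencode(params)


def extract_code(callback_url, expected_state):
    """Read the code from the redirect to the callback URL; state must round-trip."""
    qs = parse_qs(urlparse(callback_url).query)
    if "error" in qs:
        raise RuntimeError("authorization failed: " + qs["error"][0])
    if qs.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: response does not belong to this login")
    return qs["code"][0]


def token_request(client_id, client_secret, code, redirect_uri):
    """Request 2 (back channel). curl --user is HTTP Basic auth on the token endpoint."""
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": "Basic " + creds,
               "Content-Type": "application/x-www-form-urlencoded"}
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": redirect_uri})
    return TOKEN_ENDPOINT, headers, body


def exchange_code(client_id, client_secret, code, redirect_uri, insecure=False):
    """Send request 2 and return the parsed JSON (access_token, id_token, ...)."""
    url, headers, body = token_request(client_id, client_secret, code, redirect_uri)
    ctx = None
    if insecure:  # same effect as curl -k: accept the dev box's self-signed cert
        ctx = ssl.create_default_context()
        ctx.check_hostname, ctx.verify_mode = False, ssl.CERT_NONE
    req = urllib.request.Request(url, data=body.encode(), headers=headers, method="POST")
    with urllib.request.urlopen(req, context=ctx) as resp:
        return json.loads(resp.read())
```

Generate a fresh `state` and `nonce` per login (for example with `secrets.token_urlsafe()`), open the URL from `build_authorize_url` in the browser, pass the redirect you land on to `extract_code`, and hand the code to `exchange_code`.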

Dinali Rosemin Dabarera

Integration Consultant (IAM) @ Yenlo Nederland B.V, specialized in WSO2 IAM, an Identity Evangelist, a blogger, a nature lover, a backpacker