(hit up, down, left, right to navigate, esc for overview)
Resource Owner requests something of the Client
Client directs the Resource Owner's user-agent to the Authorization Endpoint
Included in redirect - Client identifier, Scope request, local state, callback URI
Authorization Server authorizes Resource Owner and validates Scope
Authorization Server redirects the user-agent back to the Client using the callback URI
Included in redirect - Authorization Code, local state passed from Client
Client requests an Access Token from the Auth Server.
Auth Server authenticates Client
Included in Request - Client authentication, Auth Code, callback URI for verification
Included in Response - Access Token, optional Refresh Token
Client uses Access Token to retreive Protected Resource
Resource Owner requests something of the Client
Client directs the resource owner's user-agent to the Authorization Endpoint
Included in redirect - Client identifier, Scope request, local state, callback URI
Authorization Server authorizes Resource Owner and validates Scope
Authorization Server redirects the user-agent back to the Client using the callback URI
Included in redirect - Access Token
Client uses Access Token to retreive Protected Resource
Resource Owner requests something of the Client
Included in Request - resource owner login and password
Client uses Resource Owner credentials to get an Access Token
Included in Request - client authentication, resource owner login and password
Included in Response - access token
Client uses access token to retreive Protected Resource
Client uses Client Authentication to obtain an Access Token
Included in Request - Client authentication
Included in Response - Access Token
Client uses Access Token to retreive Protected Resource