Hello again, Based on some feedback I have received I have updated my diagrams. Changes are listed below, and the link (https://github.com/jricher/OpenID-Connect-Java-Spring-Server/blob/master/docs/OAuth2.0_Diagrams.pdf?raw=true) will always point to the latest version.
* Changed the title of the diagrams to "OAuth 2.0 Authorization" (from "OAuth 2.0 Authentication", which was incorrect). * Removed refresh_token from the Access Token response on the Client Credentials flow. Ref: http://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-4.4.3 says "A refresh token SHOULD NOT be included." * Changed "Consumer" to "Client" to better match the 2.0 terminology. Amanda Anganes Info Sys Engineer, G061 The MITRE Corporation 782-271-3103 [email protected] From: [email protected] [mailto:[email protected]] On Behalf Of Anganes, Amanda L Sent: Friday, February 03, 2012 9:24 AM To: [email protected] Subject: [OAUTH-WG] OAuth 2 flow diagrams Hello, I've developed a set of flow diagrams for the OAuth 2.0 spec, with separate diagrams for the Access Code, Implicit Grant, Resource Owner Password Credentials, and the Client Credentials flows. These were inspired by the diagrams for 1.0 and 1.0a that Idan Gazit posted in http://www.ietf.org/mail-archive/web/oauth/current/msg00696.html, which Justin Richer pointed me to when I first started trying to read and understand the OAuth2.0 spec. I find these types of diagrams to be incredibly useful, so I updated them again to (hopefully) reflect the 2.0 spec. I'd appreciate any comments/corrections. If anyone finds the diagrams to be useful, please feel free to rehost or reference them. https://github.com/jricher/OpenID-Connect-Java-Spring-Server/blob/master/docs/OAuth2.0_Diagrams.pdf?raw=true Thanks, Amanda Anganes Info Sys Engineer, G061 The MITRE Corporation 782-271-3103 [email protected]<mailto:[email protected]>
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
