OAuth 2.0

Application Security

The OAuth 2.0 Flows – Part II

In the previous post, we learnt about the main actors and terminology used in OAuth 2.0. We started discussing grant types (OAuth flows) and talked about the most used grant type, i.e. the authorization code grant. In this post we will discuss the remaining three types of grants. Let’s start – 2. Implicit grant The implicit grant type…

Application Security

The OAuth 2.0 Flows – Part I

The OAuth 2.0 framework is a delegation protocol specifically designed for authorization workflows. In this post, we will try to understand the different flows (OAuth grant types) that clients use to obtain the authorization grant. OAuth 2.0 Roles and Terminologies Let us revisit a few important OAuth terms and the entities involved in the workflows. OAuth defines four major…

Application Security

JWT – Everything you need to know!

Welcome to Secumantra! In this post, we are going to understand what exactly a JWT is and why JWTs are so popular in web applications these days. So let’s get started – Introduction and Purpose JWT stands for JSON Web Token and is mainly used in OAuth workflows. These tokens are a kind of protected data structure and…