This is a service that supports authorization code grant type. The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized for confidential clients. Since this is a redirection-based flow, the client must be capable of interacting with the resource owner’s user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.
The service accepts user credentials and redirects back authorization code with redirect URI defined in the client registration or overwritten it by passing in a redirect URI in the request.
Read More »