oauth2-implicit.txt revision f26bb1d5890952bb63f72592b670e56bc8f081a5
@startuml oauth2-implicit.png
/'
CCPL HEADER START
This work is licensed under the Creative Commons
Attribution-NonCommercial-NoDerivs 3.0 Unported License.
To view a copy of this license, visit
or send a letter to Creative Commons, 444 Castro Street,
Suite 900, Mountain View, California, 94041, USA.
You can also obtain a copy of the license at
See the License for the specific language governing permissions
and limitations under the License.
If applicable, add the following below this CCPL HEADER, with the fields
enclosed by brackets "[]" replaced with your own identifying information:
Portions Copyright [yyyy] [name of copyright owner]
CCPL HEADER END
Copyright 2012-2013 ForgeRock AS
To generate a sequence diagram from this file, process
it with PlantUML, http://plantuml.sourceforge.net/sequence.html
'/
title OAuth 2.0 Implicit Grant
autonumber
participant "Resource Owner\nUser-Agent" as Owner
participant "Client" as Client
participant "OpenAM\nAuthorization Server" as AuthzServer
participant "Web-Hosted Client Resource" as ClientResource
participant "Resource Server" as ResourceServer
Client->Owner: Redirect...
Owner->AuthzServer: ...with client_id, scope, state, redirect_uri
Owner<->AuthzServer: Authenticate resource owner and\nconfirm resource access
AuthzServer->Owner: Redirect with redirect_uri, access token in URI fragment...
Owner->ClientResource: ...to request redirect_uri without the fragment
ClientResource->Owner: Return web page with embedded script to extract access token
Owner->Owner: Execute script to retrieve access token
Owner->Client: Return access token
Client->ResourceServer: Request resource with access token
ResourceServer->AuthzServer: Request access token validation and information
AuthzServer->ResourceServer: If access token is valid, respond with information
ResourceServer->Client: If access token is valid, return protected resource
@enduml