OAuth 2.0 Authorization Grant types

The authorization grant is given to an application by the resource owner, in cooperation with the authorization server associated with the resource server. Kofax TotalAgility supports the following OAuth 2.0 authorization grant types.

Authorization code

This grant type is used to obtain access tokens and refresh tokens from the authorization server and is optimized for confidential clients. TotalAgility supports the authorization code grant only in combination with the refresh token grant, which means:

  • You should generate access and refresh tokens at design time.

  • TotalAgility uses the refresh token to regenerate the access token; no manual intervention is required.

Client credentials

This grant type is suitable for cases where the client application needs to access resources or call functions in the resource server that are not related to a specific resource owner. The client can request an access token using only its client credentials, which means the client requests access to the protected resources under its own control, or to those of another resource owner that have previously been arranged with the authorization server.

Resource owner password

This grant type is used where the resource owner has a trust relationship with the client. Using this grant type, the client obtains the resource owner's credentials (username and password), usually through an interactive form. This grant type is also used to migrate existing clients that use direct authentication schemes to OAuth by converting the stored credentials into an access token.

As per the OAuth 2.0 specification, Kofax TotalAgility does not save the username and password to the database. Hence TotalAgility supports this grant only in combination with the refresh token grant, which means:

  • You should generate access and refresh tokens at design time.

  • TotalAgility uses the refresh token to regenerate the access token.

For the authorization code and resource owner password grants, a new system task in TotalAgility ensures that the refresh token does not expire. The token expires if the system goes offline. In that case, you need to save the OAuth server again to regenerate the tokens; otherwise the web service execution fails.
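The refresh cycle described above, as an added example that is not Kofax's code: it builds the RFC 6749 section 6 refresh request for a confidential client, parses the token endpoint's reply, and treats an `invalid_grant` error as the expired-refresh-token case in which the stored tokens must be regenerated rather than retried. The endpoint URL, client id and secret are constructed placeholders, and the HTTP transport is injected so the block runs offline.

```python
import base64
import json
from urllib.parse import urlencode

# Constructed values for this example; they are assumptions, not Kofax defaults.
TOKEN_URL = "https://auth.example.com/oauth2/token"
CLIENT_ID = "kta-connector"
CLIENT_SECRET = "s3cr3t"


class RefreshTokenExpired(Exception):
    """Raised when the authorization server rejects the stored refresh token."""


def build_refresh_request(refresh_token, client_id=CLIENT_ID, client_secret=CLIENT_SECRET):
    """Build the refresh_token grant request (RFC 6749 section 6).
    The confidential client authenticates with HTTP Basic; the secret stays out of the body."""
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {
        "Authorization": f"Basic {creds}",
        "Content-Type": "application/x-www-form-urlencoded",
    }
    body = urlencode({"grant_type": "refresh_token", "refresh_token": refresh_token})
    return headers, body


def parse_token_response(status, raw_body):
    """Return (access_token, refresh_token) from the token endpoint's reply.
    A 400 with error=invalid_grant is what an expired refresh token looks like
    (for example after the system was offline): the tokens must be regenerated."""
    data = json.loads(raw_body)
    if status == 200 and "access_token" in data:
        # The server may rotate the refresh token; keep the new one if it sends one.
        return data["access_token"], data.get("refresh_token")
    if data.get("error") == "invalid_grant":
        raise RefreshTokenExpired(data.get("error_description", "refresh token rejected"))
    raise RuntimeError(f"token endpoint returned {status}: {raw_body}")


def refresh_access_token(refresh_token, post):
    """Run one refresh cycle; `post(url, headers, body)` returns (status, raw_body)."""
    headers, body = build_refresh_request(refresh_token)
    status, raw = post(TOKEN_URL, headers, body)
    return parse_token_response(status, raw)
```

When `RefreshTokenExpired` is raised, the only recovery is to obtain new tokens through the original grant again, which on this page corresponds to saving the OAuth server again at design time.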
