The tokens (access, refresh, and ID tokens) are the key to use OAuth 2.0 and OpenID Connect.
The OAuth protocol provides different ways to obtain these tokens. You can use the appropriate authorization grant type based on the business requirements.
Authorization Grant |
Type of Application |
---|---|
Server-side Applications |
|
Native applications |
|
|
|
|
|
|
|
Applications that already have the SAML assertions and require to access the OAuth protected resources. |