Mercurial > prosody-modules
comparison mod_http_oauth2/README.markdown @ 5615:308b5b117379
mod_http_oauth2: Hint at future deprecation of resource owner password grant
It is strongly discouraged by all the modern OAuth 2.0 (and 2.1) documents.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 21 Jul 2023 00:38:04 +0200 |
parents | 7565298aa197 |
children | d8622797e315 |
comparison
equal
deleted
inserted
replaced
5614:7565298aa197 | 5615:308b5b117379 |
---|---|
211 | 211 |
212 ### Supported flows | 212 ### Supported flows |
213 | 213 |
214 - Authorization Code grant, optionally with Proof Key for Code Exchange | 214 - Authorization Code grant, optionally with Proof Key for Code Exchange |
215 - Device Authorization Grant | 215 - Device Authorization Grant |
216 - Resource owner password grant | 216 - Resource owner password grant *(likely to be phased out in the future)* |
217 - Implicit flow *(disabled by default)* | 217 - Implicit flow *(disabled by default)* |
218 - Refresh Token grants | 218 - Refresh Token grants |
219 | 219 |
220 Various flows can be disabled and enabled with | 220 Various flows can be disabled and enabled with |
221 `allowed_oauth2_grant_types` and `allowed_oauth2_response_types`: | 221 `allowed_oauth2_grant_types` and `allowed_oauth2_response_types`: |