Fork me on GitHub

Demo App

Demo a Better You

OAuth2.0 Demo Application

Welcome to the OAuth2.0 Demo Application! This is an application that demos some of the basic OAuth2.0 Workflows.

The Authorization Code grant type is the most common workflow for OAuth2.0. Clicking the "Authorize" button below will send you to an OAuth2.0 Server to authorize:

Authorize

The Implicit grant type is very similar to the Authorization Code grant type, except that the Access Token is returned as part of the URL fragment instead of an API request to the OAuth2.0 Server. Clicking the "Authorize" button below will send you to an OAuth2.0 Server to authorize:

Authorize

The User Credentials grant type is a Two-Legged approach that allows you to obtain an Access Token in exchange for a set of end-user credentials.

The OAuth2 Server supports the following user credentials:

  • Username: demouser
  • Password: testpass

Make the following cURL request to receive an access token:

  $ curl -v "http://brentertainment.com/oauth2/lockdin/token" \
    -d "grant_type=password&client_id=demoapp&client_secret=demopass&username=demouser&password=testpass"

...or just click below to let us do it for you

Get Access Token

The Refresh Token grant type is typically used in tandem with the Authorization Code grant type. Click the "Authorize" button to receive an authorization code:

Authorize

OpenID Connect is a special way of obtaining information about a user. Click the button below to go through the OpenID connect flow. It is initiated with an authorize request (just like in Authorization Code) but with the scope querystring parameter including the value "openid".

Authorization Code

Uses the Authorization Code Grant and adds the "openid" scope parameter. An ID Token comes back with the Access Token

Authorization Code + ID Token

Same as above, but with the "code id_token" response type. The ID Token comes back with the Authorization Code.

Implicit

Uses the implicit grant type, but the Access Token also returns with an ID Token.