Update topics/clients/client-oidc.adoc
This commit is contained in:
parent
317b45068b
commit
9bc1132ff3
1 changed files with 3 additions and 6 deletions
|
@ -59,14 +59,11 @@ If you've ever done a social login to Google, you'll often see a similar page.
|
||||||
This defines the type of the OIDC client.
|
This defines the type of the OIDC client.
|
||||||
|
|
||||||
_confidential_::
|
_confidential_::
|
||||||
Confidential access type is for clients that need to perform a browser login and require a client secret when they turn an access code into an access token,
|
Confidential access type is for server-side clients that need to perform a browser login and require a client secret when they turn an access code into an access token,
|
||||||
(see http://tools.ietf.org/html/rfc6749#section-4.1.3[Access Token Request] in the OAuth 2.0 spec for more details). The advantage of this is that it is a little extra security.
|
(see http://tools.ietf.org/html/rfc6749#section-4.1.3[Access Token Request] in the OAuth 2.0 spec for more details). This type should be used for server-side applications.
|
||||||
Since {{book.project.name}} requires you to register valid redirect-uris, we're not exactly sure what this little extra security is though.
|
|
||||||
:) The disadvantages of this access type is that confidential access type is pointless for pure JavaScript clients as anybody could easily figure out your client's secret!
|
|
||||||
|
|
||||||
_public_::
|
_public_::
|
||||||
Public access type is for clients that need to perform a browser login and that you feel that the added extra security of confidential access type is not needed.
|
Public access type is for clients that need to perform a browser login
|
||||||
Pure javascript clients are by nature public.
|
|
||||||
|
|
||||||
_bearer-only_::
|
_bearer-only_::
|
||||||
Bearer-only access type means that the application only allows bearer token requests.
|
Bearer-only access type means that the application only allows bearer token requests.
|
||||||
|
|
Loading…
Reference in a new issue