OAuth 2.1: How Many RFCs Does it Take to Change a Lightbulb?

The OAuth 2.0 specificiation is a maze of documentation that developers need to understand when getting started on the topic. OAuth 2.1 can help fix this!

developer.okta.com

vabx · Feb 20, 2020 · 10:00 PM UTC

vabx @VinayBist1

20 Feb 2020

implicit is good to go ..query on password - If password flow is deprecated then how we achieve those use cases which this was addressing..like migration of legacy clients..which flow we can use for those use cases

Aaron Parecki · Feb 20, 2020 · 10:04 PM UTC

Aaron Parecki · Feb 20, 2020 · 10:04 PM UTC

Aaron Parecki @aaronpk

20 Feb 2020

Replying to @VinayBist1 @oktadev

If you're really using the password grant for migration, you can always define your own extension to enable that same migration. In our experience, most implementations did not use it for migrations, and instead made new implementations prompting the user for their password.

Feb 20, 2020 · 10:04 PM UTC