AuthorizationServer

An AuthorizationServer is a component in OAuth 2.0 and OpenID Connect architectures that authenticates resource owners and issues access tokens to clients after the resource owner's authorization. It sits between the client application and the resource server, and its primary function is to grant access to protected resources by presenting tokens that prove authorization.

Interaction typically involves the resource owner authenticating with the AuthorizationServer, a client requesting access through an

Tokens include access tokens, refresh tokens, and, in OpenID Connect, ID tokens. Access tokens authorize resource

Endpoints commonly supported by an AuthorizationServer include the authorization endpoint and the token endpoint, with optional

Implementation and deployment vary; servers implement different grant types, including authorization code, client credentials, and, for