OAuth Client Types
OAuth 2.0 Authorization Framework defines two types of clients.
A
confidential client is a client that supplies a client ID and client secret to the authorization server in order to obtain an access token. Confidential clients correspond to an account on the authorization server. If a client does not have the proper credentials (client ID and secret) for the user account, the authorization server does not grant the client an access token.
To specify a confidential client in
Integration Server Administrator, set
Type to
Confidential. For more information, see
Registering Clients.
A
public client is a client that uses only a client ID for identification, with no other credentials. Public clients are typically implemented in a browser using a scripting language such as JavaScript. Because the authorization server does not require any other credentials, the authorization server grants
any client with a valid client ID an access token.
To specify a public (implicit) client in
Integration Server Administrator, set
Type to
Public. For more information, see
Registering Clients.