| 12345678910111213141516171819202122232425262728 |
- = "How-to" Guides
- This page is under construction.
- == Table of contents
- ** Obtain an access token using a specific grant_type:
- *** `authorization_code`
- *** `client_credentials`
- *** `refresh_token`
- ** Customize form based login
- ** Authenticate a user with two-factor authentication
- ** Customize the user consent page
- ** Authenticate using OpenID Connect 1.0 authorization_code flow
- ** Customize the OpenID Connect 1.0 UserInfo response
- ** Authenticate using social login, e.g. Google
- ** Authenticate a user in a Single Page Application with PKCE
- ** Customize client authentication for specific authentication methods
- ** Handle errors and customize the OAuth 2.0 Error response
- ** Authorize an access token containing custom authorities, e.g. roles, groups, permissions, etc.
- *** Customize the headers / claims in a JWT
- ** Deny access for a revoked JWT access token
- *** Introspect / revoke an access token
- ** Provide a JWK source backed by a key rotation strategy
- ** Implement the core services with JPA:
- *** `RegisteredClientRepository`
- *** `OAuth2AuthorizationService`
- *** `OAuth2AuthorizationConsentService`
|
