OAuthAuthorizationServerProvider.GrantClientCredentials Method (OAuthGrantClientCredentialsContext)

  • Article

 

Called when a request to the Token endpoint arrives with a "grant_type" of "client_credentials". This occurs when a registered client application wishes to acquire an "access_token" to interact with protected resources on it's own behalf, rather than on behalf of an authenticated user. If the web application supports the client credentials it may assume the context.ClientId has been validated by the ValidateClientAuthentication call. To issue an access token the context.Validated must be called with a new ticket containing the claims about the client application which should be associated with the access token. The application should take appropriate measures to ensure that the endpoint isn’t abused by malicious callers. The default behavior is to reject this grant type. See also http://tools.ietf.org/html/rfc6749\#section-4.4.2

Namespace:   Microsoft.Owin.Security.OAuth
Assembly:  Microsoft.Owin.Security.OAuth (in Microsoft.Owin.Security.OAuth.dll)

Syntax

public virtual Task GrantClientCredentials(
    OAuthGrantClientCredentialsContext context
)

public:
virtual Task^ GrantClientCredentials(
    OAuthGrantClientCredentialsContext^ context
)

abstract GrantClientCredentials : 
        context:OAuthGrantClientCredentialsContext -> Task
override GrantClientCredentials : 
        context:OAuthGrantClientCredentialsContext -> Task

Public Overridable Function GrantClientCredentials (
    context As OAuthGrantClientCredentialsContext
) As Task

Parameters

Return Value

Type: System.Threading.Tasks.Task

Task to enable asynchronous execution

Implements

IOAuthAuthorizationServerProvider.GrantClientCredentials(OAuthGrantClientCredentialsContext)

See Also

OAuthAuthorizationServerProvider Class
Microsoft.Owin.Security.OAuth Namespace

Return to top