OAuthAuthorizationServerProvider.GrantClientCredentials Method (OAuthGrantClientCredentialsContext)


Called when a request to the Token endpoint arrives with a "grant_type" of "client_credentials". This occurs when a registered client application wishes to acquire an "access_token" to interact with protected resources on it's own behalf, rather than on behalf of an authenticated user. If the web application supports the client credentials it may assume the context.ClientId has been validated by the ValidateClientAuthentication call. To issue an access token the context.Validated must be called with a new ticket containing the claims about the client application which should be associated with the access token. The application should take appropriate measures to ensure that the endpoint isn’t abused by malicious callers. The default behavior is to reject this grant type. See also http://tools.ietf.org/html/rfc6749\#section-4.4.2

Namespace:   Microsoft.Owin.Security.OAuth
Assembly:  Microsoft.Owin.Security.OAuth (in Microsoft.Owin.Security.OAuth.dll)


public virtual Task GrantClientCredentials(
    OAuthGrantClientCredentialsContext context
virtual Task^ GrantClientCredentials(
    OAuthGrantClientCredentialsContext^ context
abstract GrantClientCredentials : 
        context:OAuthGrantClientCredentialsContext -> Task
override GrantClientCredentials : 
        context:OAuthGrantClientCredentialsContext -> Task
Public Overridable Function GrantClientCredentials (
    context As OAuthGrantClientCredentialsContext
) As Task


Return Value

Type: System.Threading.Tasks.Task

Task to enable asynchronous execution



See Also

OAuthAuthorizationServerProvider Class
Microsoft.Owin.Security.OAuth Namespace

Return to top