Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Client Types

Clients fall into either the Public or Confidential categories:

  • Public

    The client cannot maintain the confidentiality of a client secret. We WILL NOT issue a client secret to a Public client.

  • Confidential

    The client runs on a server where the source code or configuration is not available to the public, allowing it to maintain the confidentiality of a client secret. We MAY issue a client secret to a Confidential client.

Public clients are identified when the user's browser is redirected to a redirect URI which has been registered to the client.

Confidential clients may be identified by redirect URI if one has been registered. Confidential clients MUST provide the client secret to /token if one has been issued.

client types