How do applications authorize through a third-party browser?

H

HemulGM2019-08-03 19:51:19

API

HemulGM, 2019-08-03 19:51:19

There are desktop applications that allow you to log in using OAuth2 in their service, but at the same time, the browser page (mine) opens for authorization, and not, for example, the built-in browser.
To do this, use a request with a callback and your own server to get a token? Or how do they do it?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitro25, 2020-04-30
@HemulGM

This process is described in the OAuth 2.0 Device Authorization Grant
. In short, the application makes a request to the server, passing its Id in the request as well; in response to the request, the server sends the URL, as well as unique UserId and DeviceId. The application opens a page in the browser with URL+UserId; in the browser, the user performs authorization in the standard way. All this time, the application sends periodic requests to the server, passing it its Id and DeviceID in the request; upon completion of authorization in the browser, in response to this application request, the server will respond with a message that the application is authorized.