This course is archived!
The concepts of OAuth2 we're teaching in this tutorial are still valid, but the course project code is ancient.
11.
Security
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
2 Comments
Hi! Nice screencast but I have one last question. Do I get a refresh_token in the answer if I use the implicit grant type (response_type=token) and the oauth server supports refresh tokens?
Hi Jan!
Sorry for my late response :). Of course, an OAuth server can choose to do anything, but I do *not* believe that the implicit grant type should have the ability to give you a refresh token. And that makes sense - if with this grant type, you have the client secret, so you can just go get a new access token whenever you want (making it unnecessary to use the refresh token).
I hope that helps!
"Houston: no signs of life"
Start the conversation!