This documentation is for WSO2 API Manager 2.1.0. View documentation for the latest release.

All docs This doc

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: changes Implicit grant image to have an attachment in oppose to web url


The diagram below depicts the flow of Implicit Grant.

Image RemovedImage Added

  1. The client requests for the access token with the client ID and grant type, and other optional parameters.

  2. Since the resource owner authenticates directly with the authorization server, their credentials will not be shared with the client.

  3. The Authorization Server sends the access token through a URI fragment to the client.

  4. The client extracts the token from the fragment and sends the API request to the Resource Server with the access token.