Skip to main content

GrantTypes Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Common.Constants

GrantTypes Class

Represents OAuth 2.0 grant types.

public static class GrantTypes

Inheritance System.Object → GrantTypes

Fields

GrantTypes.AuthorizationCode Field

Represents the Authorization Code grant type. Used when a client wants to exchange an authorization code for an access token. Commonly used in web applications with server-side backends.

public const string AuthorizationCode = "authorization_code";

Field Value

System.String

GrantTypes.Ciba Field

Represents the CIBA (Client Initiated Backchannel Authentication) grant type. Used for authentication with minimal user interaction, often in use cases like strong customer authentication.

public const string Ciba = "urn:openid:params:grant-type:ciba";

Field Value

System.String

GrantTypes.ClientCredentials Field

Represents the Client Credentials grant type. Used when a client requests an access token using its own credentials. Suitable for machine-to-machine communication.

public const string ClientCredentials = "client_credentials";

Field Value

System.String

GrantTypes.DeviceAuthorization Field

Represents the Device Authorization grant type. This grant type is used in scenarios where the client device lacks a browser or has limited input capabilities, allowing it to get user authorization from another device with better input capabilities. It is particularly useful for devices in the IoT (Internet of Things) sector and smart devices that require user interaction for authorization.

public const string DeviceAuthorization = "urn:ietf:params:oauth:grant-type:device_code";

Field Value

System.String

GrantTypes.Implicit Field

Represents the Implicit grant type. Used in single-page applications to get access tokens directly from the authorization endpoint. Suitable for browser-based applications.

public const string Implicit = "implicit";

Field Value

System.String

GrantTypes.JwtBearer Field

Represents the JWT Bearer grant type. Allows clients to request access tokens using a JWT (JSON Web Token) assertion. Useful for securing API-to-API communication.

public const string JwtBearer = "urn:ietf:params:oauth:grant-type:jwt-bearer";

Field Value

System.String

GrantTypes.Password Field

Represents the Password grant type. Allows clients to exchange a username and password for an access token. Should be used with caution due to potential security risks.

public const string Password = "password";

Field Value

System.String

GrantTypes.RefreshToken Field

Represents the Refresh Token grant type. Used to get a new access token using a refresh token. Helpful for maintaining user sessions without requiring re-authentication.

public const string RefreshToken = "refresh_token";

Field Value

System.String

GrantTypes.TokenExchange Field

Represents the Token Exchange grant type per RFC 8693. Allows a client holding a token issued by this AS (or, in federated scenarios, by a trusted external IdP) to exchange it for a new token with possibly narrower scope, different audience, or a different token type. Supports both impersonation (the issued token represents the original subject directly) and delegation (an act claim chain records the intermediate actor).

public const string TokenExchange = "urn:ietf:params:oauth:grant-type:token-exchange";

Field Value

System.String