Implementing Implicit Flow without Resource User Approval (or other alternative)?
Both client and provider use the same SSO server for sign-in, but I do not have access to the password (just username), so I don't think the resource owner password grant type would be of much use.
That worked... question on Implicit Flow
I got this working, thanks!
Originally Posted by Dave Syer
Another question maybe someone can answer related to the Implicit flow - can/does this grant type use a consumer secret, similar to the authentication code flow? If I setup Spring Security OAuth client details on the provider side with a secret, it seems to be ignored in the Implicit flow (i.e. if a secret is not supplied by the client, it can still get access).