Auth2.0
Lemonade Identity is a universal identity management system for all applications built on top of the Lemonade Protocol. It is a self-hosted Ory.sh server that lets builders use signup, login and account management systems without incurring additional costs for new and active users.
The Authorization Code flow is the most secure and widely used OAuth2 flow for web applications. Here is a high-level overview of the Authorization Code flow:
1. The user clicks on a link or button on a web page that requests access to a resource.
2. The user is redirected to the Authorization Server, where they authenticate themselves and grant permission to the requesting application.
3. The Authorization Server generates an authorization code and redirects the user back to the requesting application with the authorization code.
4. The requesting application exchanges the authorization code for an access token that can be used to access the protected resource.
The refresh token is a special token that can be used to obtain a new access token or ID token without the user's involvement. The refresh token is issued to the client during the initial token issuance and can be used to obtain a new token when the current token expires.
In the refresh token flow, the client sends a request to the authorization server with the refresh token. The authorization server checks if the refresh token is valid and if it is, issues a new access token or ID token to the client.
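The client side of both flows described above, as an added example that is not Lemonade's or Ory's own code: it builds the authorization redirect, accepts the callback only when the `state` value matches the one stored in the user's session, and produces the form bodies for the code exchange and the refresh request. The endpoint, client ID, redirect URI and scope are placeholder assumptions; the parameter names are the standard OAuth2 ones from RFC 6749.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumed placeholder values; none of these come from the page.
AUTH_ENDPOINT = "https://auth.example.invalid/oauth2/auth"
CLIENT_ID = "example-client"
REDIRECT_URI = "https://app.example.invalid/callback"


def build_authorization_url(scope="openid"):
    """Redirect to the Authorization Server. Returns (url, state); store state in the session."""
    state = secrets.token_urlsafe(32)  # unguessable, single-use value bound to this login
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": REDIRECT_URI, "scope": scope, "state": state}
    return AUTH_ENDPOINT + "?" + urlencode(params), state


def parse_callback(callback_url, expected_state):
    """Handle the redirect back: return the code only if state matches the session value."""
    query = parse_qs(urlparse(callback_url).query)
    if "error" in query:
        raise ValueError("authorization failed: " + query["error"][0])
    state = query.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch; discard this response")
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]


def code_exchange_body(code):
    """Form body POSTed to the token endpoint to trade the code for tokens."""
    # Client authentication (for example HTTP Basic) is added by the HTTP layer.
    return {"grant_type": "authorization_code", "code": code,
            "redirect_uri": REDIRECT_URI, "client_id": CLIENT_ID}


def refresh_body(refresh_token):
    """Form body POSTed to the token endpoint in the refresh token flow."""
    return {"grant_type": "refresh_token", "refresh_token": refresh_token,
            "client_id": CLIENT_ID}
```

The `redirect_uri` in the code exchange must be identical to the one sent in the authorization request, and the refresh token should be stored server-side only.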