Advertising sustains the DA. Ads are hidden for members. Join today

Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login

What is OAuth 2.0 Authorization Code Grant?

Last updated on
16 February 2024

The Authorization Code Grant type is probably the most common OAuth 2.0 grant type. Authorization code grant is used by web and mobile applications. It requires the client to exchange an authorization code with the OAuth server for the access token.

The Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login module supports the Authorization Code Grant type. It is also compatible with Drupal 7, Drupal 8, Drupal 9, and Drupal 10.

How does Authorization Code Grant Type work?

The Authorization code grant has the following steps:

  • User clicks on the SSO login link from Client Application (Drupal) and gets redirected to the Authorization server.
  • The user enters their OAuth Server credentials (username and password) and the Authorization server validates them and generates a session at the OAuth server(If the user is not already logged in to the OAuth Server ). If the user is already logged in OAuth server, it executes the third step directly.
  • OAuth server will ask for the user’s consent to let the client application (Drupal) access the user profile, If the user grants consent, the Authorization server redirects the user back to the client (Drupal) with an authorization code and a state in a query string.
  • The Client makes a request to the token endpoint using the Authorization code, Client ID and Client Secret. The code, client ID and Secret gets validated at the OAuth server.
  • In response to the token request, the Client receives an access token from the OAuth Server.
  • The Client uses the access token to make a request to the Userinfo Endpoint to get the user data.
  • OAuth Server validates the access token and returns the user information in a response to userinfo request.
  • Now, Client (Drupal) processes the user data and creates the user session.

    drupal oauth client authorization code grant flow

Contact our 24*7 support team

Feel free to reach out to our Drupal experts if you need any sort of assistance in setting up OAuth2 Client SSO Login on your Drupal site.

 Get In Touch With Us Join Our Slack Channel

back to top Back to top

Help improve this page

Page status: No known problems

You can: