Which differences between OAuth2 methods for Connected System?

Certified Senior Developer

Hi,

We are going to use OAuth2 for a customer and reading the Appian doc, I can see this :

- "OAuth 2.0: Client Credentials Grant" : is used when access is being requested on behalf of an application, 

- "OAuth 2.0: Authorization Code Grant" : is used when access is being requested on behalf of a user,

- "OAuth 2.0: SAML Assertion flow" :  used with SAML...

Could you explain me the main differences between each of them please ?  (with possibly examples Smile)

Regards

  Discussion posts and replies are publicly visible

Parents Reply
  • 0
    Certified Senior Developer
    in reply to cedric01

    Stefan, to connect to the remote system, my Connected System will needs the inputs below :

    -      Base URL

    -      Client ID

    -      Client Secret

    -      Scope

    -      Token Request Endpoint

    Does these inputs are sufficient for Integration calls ?

    I'm asking you this question, because in your previous message you're talking about "service user account" so I have a doubt.

    I the admin console, we can create "Client Credentials" (Service Account) but it is dedicated for Web API.
    But in our case, the customer will access the Synapse API through Integration only (no Web Api).

    Does this Service account must be created anyway?

Children