Implicit Flow
Disclaimer: The use of Implicit flow is not recommended as it exposes a security risk. The token is exposed in the callback URL and then stored in the browsers sessionStorage.
It is highly recommended to instead use Authorization Code Flow (AZN) on the back-end and for your front-end application to interact with the back-end via HTTP requests.
It is highly recommended to instead use Authorization Code Flow (AZN) on the back-end and for your front-end application to interact with the back-end via HTTP requests.
With the SDK Implicit flow is handled purely client-side. Examples are single page sites and hybrid mobile apps. To learn how to use the SDK with Implicit flow please refer to the following getting started guides Vanilla Javascript and React
- Client prepares an authentication request which contains the required request parameters.
- Client sends the request to Security Verify authorization server.
- Security Verify authorization server authenticates the user.
- The Security Verify authorization server sends the user back to the client with a
Token. - The
Tokenis then stored in the browsers sessionStorage