we were able to register a first client, entitled to seek an authorization code grant:
The values, distinct from the display name we entered as “clientid” are all generated values:
clientid(Subscribers will use this)
we used the
Looking at the code, we see that each form post back to a route, registered in the setup:
This step is performed authorization server manager, of course, the custodian of the data (acting on behalf of the resource owner). The next step is performed by the administrative user of the client, who must authenticate to the AS in order to get the one time code – that seeds obtaining the first access token (and any refresh token):
For some reason, NAR refer to this process as one of “enablement”.
In another experiment, we can start to hook up the webapi server and authorization server.