Aidbox
Aidbox.DevAidbox.CloudAidbox.OneFhirbase
Search…
Getting started
Getting Started
Installation & Configuration
Features
Licensing and Support
Versioning & Release Notes
FAQ
Aidbox configuration
Aidbox project
API constructor (beta)
Setup SMTP provider
Zen Configuration
API
FHIR API
REST API
Bulk API
Batch Upsert
Batch/Transaction
Cache
ETAG support
Reactive API
Sequence API
Encryption API
Compartments API
GraphQL API
RPC API
Aidbox UI
Profiling and validation
Profiling and validation overview
Profiling with zen-lang
Asynchronous resource validation
Profiling with AidboxProfile
Terminology
Aidbox terminology module overview
Import external (not-present) terminologies
Concept
CodeSystem
ValueSet
$translate on ConceptMap
Terminology Tutorials
FHIR Implementation Guides
🎓
HL7 FHIR Da Vinci PDex Plan Net IG
App development guides
Tutorials
Administration
Receive logs from your app
$matcho
$to-format
Security & Access Control
Overview
Authentication Flows
Basic Auth
Client Credentials Grant
Resource Owner Grant
Authorization Code Grant
Implicit Grant
Validating Foreign Access Tokens
External Oauth 2.0 Providers
Two Factor Authentication
SMART on FHIR
Configuration options
Discovery API
Access Control
Multitenancy
Storage
Archiving
Database
AWS S3
GCP Cloud Storage
Azure Blob Storage
Core Modules
Entities & Attributes
$json-schema
Monitoring
Logging & Audit
Modules
HL7 v2 Integration
FHIR Resources
Custom Resources
Aidbox Search
First-Class Extensions
Multibox
Multibox box manager API
Plan API
Plan API Overview
Patient Access API
Integrations
Analytics
Audit
Authentication
Tools
Mappings
Aidbox SDK
Contact us
Powered By GitBook
Implicit Grant

Description

Implicit Grant flow is an alternative for Authorization Code flow. This flow just receives access_token in query string fragment instead of obtaining securecode. It's indented for client-side apps use in order to access an API, typically as Web SPA applications. For more detailed information, read OAuth 2.0 specification.
Basic scheme
get
[base]/
auth/authorize
Authorization Endpoint
After this request, the resource owner (user) will be redirected to Log-in/Sign-up page.
Example
Next step is granting access to the client:
Example
After granting access the user is redirected to the redirect_uri from the client configuration with access_token in query string fragment.

Example

Create client
1
POST /Client
2
Accept: text/yaml
3
Content-Type: text/yaml
4
5
id: imp-client
6
resourceType: Client
7
grant_types:
8
- implicit
9
auth:
10
implicit:
11
redirect_uri: http://localhost:3449/auth.html
Copied!
Request access token
Response
1
curl -X GET \
2
'http://localhost:8081/auth/authorize?
3
state=example
4
&client_id=imp-client
5
&redirect_uri=http%3A%2F%2Flocalhost%3A3449%2Fauth.html
6
&response_type=token'
Copied!
1
HTTP/1.1 302 Found
2
3
Location: http://localhost:3449/auth.html#access_token=ZGE0ZmQzZTYtOGU0OC00MDJhLWFkN2ItZTg5ZmViYjdmNTQ2
4
&state=example
Copied!
Previous
Authorization Code Grant
Next
Validating Foreign Access Tokens
Last modified 9mo ago
Copy link
Contents
Description
get
Authorization Endpoint
Example