This section covers the steps required to integrate an OAuth 2.0 authentication flow into your application, using Okta as your authorization server.
Before you can use OAuth 2.0 flows with Okta, you will need to configure an Authorization Server in Okta. If you have an Okta Developer Account, you already have a default Authorization Server created for you.
If you don’t have an existing authorizations server, or would like to create a new one, then you can find out how to do that in the Setting up an Authorization Server section.
Once you have an authorization server, you can then implement an OAuth 2.0 flow.
The table below shows you which OAuth 2.0 flow to use for the type of application that you are building. If you’d like more information on which flow to use, see Choosing an OAuth 2.0 flow.
|Type of Application||OAuth 2.0 Flow|
|Server-side (AKA Web)||Authorization Code Flow|
|Single-Page Application||Implicit Flow|
|Native||Authorization Code Flow with PKCE|
|Trusted||Resource Owner Password Flow|