The Implicit flow is required for apps and websites that have no back-end logic on the web server, where everything that is passed between the app or website and the authorization server can be viewed using browser development tools.
Use the Implicit Flow for applications that cannot maintain the secrecy of a client secret (for example, browser-based applications).
The application obtains an access token directly in an authorization request (via a redirect), over a secure communication channel, with no intermediate authorization code requested or returned.
- Set up OAuth2 Client Application in your tenant.
Make sure that Implicit is checked as Auth methods in the
- Refer to CyberArk Identity Java SDK reference for more information on the Java SDK.
Follow the steps below to use this SDK to get the
- Import the SDK as specified in the Before you get started section.
- Pass the required parameters to create the
```java
import com.cyberark.client.OAuthClient;

// client secret parameter is not required for Implicit grant flow
OAuthClient oauthClient = new OAuthClient(YOUR_TENANT_URL, YOUR_OAUTH_APPLICATION_ID, YOUR_USER_ID);
```
AuthorizeUrlBuilder to authenticate the user with the CyberArk Identity provider. The redirectUri must be white-listed in the Redirect destinations section under the General Usage section of the OAuth client application.
Using the OAuthClient instance, call the following builder methods.
```java
AuthorizeUrlBuilder authorizeUrlBuilder = oauthClient.authorizeUrl(YOUR_REDIRECT_URL)
        .setResponseType("token")
        .setScope(YOUR_SCOPE);

// To get authorize URL
String authURL = authorizeUrlBuilder.build();
```
Redirect to the authorize URL obtained above. After authentication with CyberArk Identity (needed if the user is not already authenticated), the access_token is received as part of the redirected URL mentioned above.
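Because the access_token arrives in the redirected URL, the page at the redirect destination has to extract and check it in the browser. The JavaScript below is an added example, not part of the CyberArk SDK or the original page; it assumes the standard RFC 6749 implicit-grant response (parameters in the URL fragment, bearer token type), and the function name and sample URLs are hypothetical.

```javascript
// Added example: parse the redirect that ends an implicit-flow request.
// Assumption: RFC 6749 section 4.2.2 response format (parameters in the fragment).
function parseImplicitRedirect(redirectedUrl, expectedRedirectUri) {
  const got = new URL(redirectedUrl);
  const want = new URL(expectedRedirectUri);

  // Only accept the response on the white-listed redirect destination.
  if (got.origin !== want.origin || got.pathname !== want.pathname) {
    throw new Error("response arrived on an unexpected redirect URI");
  }

  // Fragment parameters are not sent to the web server; query parameters are,
  // and they end up in server and proxy logs.
  if (got.searchParams.has("access_token")) {
    throw new Error("access_token must not appear in the query string");
  }

  const params = new URLSearchParams(got.hash.replace(/^#/, ""));
  if (params.has("error")) {
    throw new Error("authorization failed: " + params.get("error"));
  }

  const accessToken = params.get("access_token");
  if (!accessToken) throw new Error("no access_token in redirect fragment");

  // Assumption: the authorization server issues bearer tokens.
  const tokenType = (params.get("token_type") || "").toLowerCase();
  if (tokenType !== "bearer") throw new Error("unexpected token_type");

  const expiresIn = Number.parseInt(params.get("expires_in") || "", 10);
  return {
    accessToken,
    tokenType,
    expiresIn: Number.isNaN(expiresIn) ? null : expiresIn,
    scope: params.get("scope"),
  };
}

// Constructed sample values (not real tenant data).
const SAMPLE_REDIRECT_URI = "https://app.example.test/callback";
const SAMPLE_RESPONSE = SAMPLE_REDIRECT_URI +
  "#access_token=SAMPLE.TOKEN.VALUE&token_type=Bearer&expires_in=3600&scope=profile";

const result = parseImplicitRedirect(SAMPLE_RESPONSE, SAMPLE_REDIRECT_URI);
console.log(result.tokenType, result.expiresIn, result.scope);
```

In a browser, pass `window.location.href` as the first argument, then clear the fragment (for example with `history.replaceState(null, "", window.location.pathname)`) so the token does not remain in the address bar or history.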
For common methods, such as claims, refer to CyberArk Identity Java SDK reference.