# Created 2021-07-16 Fri 15:51
#+TITLE: Cisco Notes #+Author: Yann Esposito
#+AUTHOR: Yann Esposito
* Device Flow [2021-07-16 Fri]

** Implications for IROH/SecureX/CTR

OAuth2 is about linking two accounts of the same person between two
different services.

In the OAuth2 RFC only 4 *Grants* are described:

- Authorization Code*
- Implicit (we explicitly removed the support in IROH-Auth)
- Resource Owner Password Credentials
- Client Credential*

With these we handle:

- scripts
- websites with a backend

** Native Applications & SPA (PKCE)

An additional RFC exists to improve the support of Native Applications and
Single Page Applications.

It was easily introduced a few years back for SSE.

** Device Grant

- *All on-premise devices*
- *All devices without input access or browser access*.