Resource Owner → User
Resource Server → Twitter
Client Application → Twitterdeck.comarrow-up-right
Authorization Server → Twitter
client_id → Twitterdeck ID (This is a public, non-secret unique identifier_
client_secret → Secret Token known to Twitter and Twitterdeck to generate access_tokens
response_type → Defines the token type e.g. (code, token, etc.)
scope → The requested level of access Twitterdeck wants
redirect_uri → The URL user is redirected to after the authorization is complete
state → Main CSRF protection in OAuth can persist data between the user being directed to the authorization server and back again
grant_type → Defines the grant_type and the returned token type
code → The authorization code Twitter generated, will be like ?code= , the code is used with client_id and client_secret to fetch an access_token
access_token → The token twitter deck uses to make API requests on behalf of the user
refresh_token → Allows an application to obtain a new access_token without prompting the user
Last updated 2 years ago
