creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 05:34:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/configuring-oauth2-authorization-flow/references/api-reference.md
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal 
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

44 lines
1.5 KiB
Markdown
Raw Blame History

# OAuth 2.0 Authorization Flow — API Reference
## Libraries
| Library | Install | Purpose |
|---------|---------|---------|
| requests | `pip install requests` | HTTP client for OAuth endpoints |
| authlib | `pip install authlib` | Full OAuth 2.0 / OIDC client library |
| PyJWT | `pip install PyJWT[crypto]` | JWT token validation and inspection |
## OIDC Discovery Endpoint
```
GET {issuer}/.well-known/openid-configuration
```
Returns: authorization_endpoint, token_endpoint, jwks_uri, supported grant types, scopes.
## OAuth 2.0 Grant Types
| Grant Type | Use Case | Security |
|------------|----------|----------|
| authorization_code | Server-side apps | Recommended with PKCE |
| client_credentials | Machine-to-machine | Service accounts only |
| implicit | (DEPRECATED) SPAs | Avoid — tokens in URL fragment |
| password | (DEPRECATED) Legacy | Avoid — credentials exposed to client |
| urn:ietf:params:oauth:grant-type:device_code | IoT/CLI | Approved for limited-input devices |
## Security Best Practices
| Practice | RFC |
|----------|-----|
| PKCE (Proof Key for Code Exchange) | RFC 7636 |
| Token Binding | RFC 8471 |
| DPoP (Demonstrating Proof of Possession) | RFC 9449 |
| Sender-Constrained Tokens | OAuth 2.0 Security BCP |
## External References
- [RFC 6749 OAuth 2.0](https://datatracker.ietf.org/doc/html/rfc6749)
- [RFC 7636 PKCE](https://datatracker.ietf.org/doc/html/rfc7636)
- [OAuth 2.0 Security BCP](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics)
- [authlib Documentation](https://docs.authlib.org/)
Reference in New Issue View Git Blame Copy Permalink