Skip to content

Authorization Options for OAuth Apps

Tapkey acts as an OAuth 2.0 compliant partner, enabling Tapkey users to authorize clients to access selected resources. It is highly recommended to familiarize yourself with the RFC 6749 prior to reading this document.

The OAuth 2.0 Authorization Framework specifies several ways a third-party application can obtain limited access to a service. In OAuth terminology, these ways are known as grant types. Tapkey supports four main grant types.

Supported OAuth 2.0 Grant Types

  1. Client credentials - RFC 6749 Section 4.4
  2. Authorization Code - RFC 6749 Section 4.1
  3. Authorization Code with PKCE - RFC 7636
  4. Token Exchange - Custom extension grant type, see RFC 6749 Section 4.5

What's next?

Navigate to any of the grant types above to learn more about them. Each page is designed to instruct you on which grant type suits your application better. If you still have questions, feel free to reach out to us.