Please enable JavaScript.

Coggle requires JavaScript to display documents.

6 Security - Coggle Diagram

- - - - IP blacklisting
    - - SpikeArrest
  - - - X.509 (public key certificates format)
- - - - Access
        
        Steal information
        
        Not allowed transactions
    - - Access
        
        Steal information
        
        Not Allowed transactions
      - Protection
        
        DoS, OWASP
- - - - extension to the Authorization Code flow to prevent
        CSRF (Cross-Site Request Forgery) and authorization code injection attacks.
      - Client first create a secret on each authorization request, and use that secret when exchanging the authorization code for an access token
    - - browserless or input-constrained devices (Apple TV apps) in the device flow to exchange a previously obtained device code for an access token.
    - - Password Grant
        
        Implicit Flow