« You thought identity management is done? Think twice: thinktecture IdentityServer v2 Beta is here | Main | Test post »



TrackBack URL for this entry:

Listed below are links to weblogs that reference OAuth2 in thinktecture IdentityServer v2: Implicit Grant Flow with JavaScript:


Feed You can follow this conversation by subscribing to the comment feed for this post.


I really appreciate the example since it helped clarify a few different concepts for me regarding creating a pure html PhoneGap-based mobile app and calling Identity Server with KendoUI.

One thing that may be worth nothing (since it tripped me up initially) is that while the above example works great out of the box with the debug version of Identity Server, if you install the released build I believe that in addition to your instructions above you will also need to log into Identity Server as an admin, go to Protocols, enable OAuth2 (since is only enabled in the debug version by default), and then click on the Protocols OAuth2 link that just appeared and enable Enable Implicit flow.

One question I did have, though: if one is very concerned about security because of the nature of their application would you consider this approach secure when Identity Server returns the access token to the callback url as a parameter?

And if not, is there a better approach you would recommend for a pure html/css/javascript/phonegap mobile app which is going to be calling web services to get their data?

Christian Weyer

Hi Chuck,

interesting points.
Could you be so kind and browse over to the IdSrv issues list and add a new issue:


Maximilian Alexander

I might be really confused, but in this flow, is there any possiblity to login through an external provider like the home realm discovery screen (i.e. using Google, Facebook, ADFS etc...)

Christian Weyer

Hi Maximilian,

can we please keep all questions & discussions on the GitHub repo's issue list? :)



Very nice! This app provides a great playground to get up and running with Identity Server.

Question - is it possible to set up this kind of client login via the other Identity Providers - like the Facebook, Google, or Live providers? Specifically, instead of hitting the ~/issue/oauth2/authorize url, could it hit the ~/issue/hrd url?

Christian Weyer

Hey - no, sorry. This is currently not possible.
Maybe we will consider this later... or you find some money to throw at us to do it sooner than later ;)

Nestor Reyes

Good example, but how would I trigger a logout?

Christian Weyer


can you please direct this question to the IdSrv forums?


Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.

Shared items (Google Reader)