The grant type that we will use to authorise users from the Repair Tool will be Authorization Code Grant with PKCE. The legacy alternative would be Password Grant, but this is not recommended anymore. See https://oauth2.thephpleague.com/authorization-server/which-grant/.
This flow is considered best practice when using Single Page Apps (SPA) or Mobile Apps.
From Onelog.com
Design
Realisation
Tasks
[x] Create OAuth client for the Repair Tool on the acceptance environment. Run php artisan passport:client
Analysis
There are different grant types available to authorise users to the REST API. Which one should we use for the authorisation flow of the Repair Tool.
Acceptance criteria
Resources
Advice
The grant type that we will use to authorise users from the Repair Tool will be
Authorization Code Grant
with PKCE. The legacy alternative would bePassword Grant
, but this is not recommended anymore. See https://oauth2.thephpleague.com/authorization-server/which-grant/.Design
Realisation
Tasks
php artisan passport:client