Authorization Code Grant Flow and OAuth 2.0 Terminology

2nd chunk of `content/manuals/extensions/extensions-sdk/guides/oauth2-flow.md`

503e4783c1b63f9ad6d439c70bcd57224fd2df512eddf5eb0000000100000362



The image above shows that:

- The Docker extension asks the user to authorize access to their data.
- If the user grants access, the extension then requests an access token from the service provider, passing the access grant from the user and authentication details to identify the client.
- The service provider then validates these details and returns an access token.
- The extension uses the access token to request the user data with the service provider.

### OAuth 2.0 terminology

- Auth URL: The endpoint for the API provider authorization server, to retrieve the auth code.
- Redirect URI: The client application callback URL to redirect to after auth. This must be registered with the API provider.

Once the user enters the username and password, they're successfully authenticated.

Title: Authorization Code Grant Flow and OAuth 2.0 Terminology

Summary

The provided text describes the OAuth 2.0 Authorization Code Grant flow, visually depicted in the image. This flow involves the Docker extension prompting the user for authorization, followed by a request to the service provider for an access token upon user approval. The service provider validates the details and issues an access token, enabling the extension to request user data. The text also defines key OAuth 2.0 terms such as Auth URL and Redirect URI.