I am learning to implement Implicit Flow with IdentityServer4. I have a working demo that uses MVC.
Can anyone provide a Flow Chart of Implicit Flow as it relates to IdentityServer4 and OpenID Connect?
Also, can this flow be tested with something such as Postman, or is the flow tightly coupled to JS running on the client such as in the answer stated here?
If I am conflating grant_type and flow its because this security is new to me :)
1 and 2 pretty much cover the specifics of Implicit flow/grant.
One way to can test implicit flow, is by using selenium + some headless browser like phantomJS. implicit flow by design requires human interaction.
grant_type and flow are used interchangeably in literature.