Context
Decathlon wants to offer a unique experience to each sport user. To do so, we need to know and recognize each sport user: their habits, their wishes, their practices…
We must offer them personalized services.
Data is key.
To associate all of this data with a single sport user, there must be a common identification and a single entry point shared by all the services:
That’s the role of Decathlon Login
Global Process
Link to the Terms & Services
How to Implement?
Authorization Code Flow
This flow first returns an authorization code, which the client then exchanges for tokens:
- tokens are returned only through the token interface
- obtaining an access token takes two steps:
  - a code is returned by the authorization interface
  - the client sends this code to the token interface
- well suited to web applications WITH a secured back-end
This flow is best suited to stateful applications (those with sessions and a back-end).
PKCE Flow
This is an extension of the Authorization Code flow that lets public clients perform the OAuth exchange securely:
- tokens are returned only through the token interface
- obtaining an access token takes two steps:
  - a code is returned by the authorization interface
  - the client sends this code together with a code verifier to the token interface
Flow for Native and Single Page applications.
This flow is mandatory for Mobile applications.
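The two-step exchange described above for the Authorization Code flow, with the PKCE extension added, as an example in Python. This is an added illustration, not code from Decathlon Login or this page: the endpoint URLs, client id and redirect URI are placeholders, and the code_verifier / code_challenge handling follows RFC 7636 (S256 method). The last function shows the check the authorization server performs before issuing tokens, which is what makes a stolen authorization code useless to anyone who does not also hold the verifier.

```python
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Hypothetical endpoints: the real Decathlon Login URLs are not given on this page.
AUTHORIZE_URL = "https://login.example.com/oauth2/authorize"
TOKEN_URL = "https://login.example.com/oauth2/token"


def b64url(raw: bytes) -> str:
    """Base64url without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def make_verifier() -> str:
    """Random code_verifier: 32 random bytes encode to 43 unreserved characters."""
    return b64url(secrets.token_bytes(32))


def make_challenge(verifier: str) -> str:
    """S256 transform: BASE64URL(SHA256(ASCII(code_verifier)))."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def build_authorize_url(client_id, redirect_uri, scope, state, verifier):
    """Step 1: the client sends the user to the authorization interface.
    Only the challenge travels here; the verifier stays on the client."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,
        "code_challenge": make_challenge(verifier),
        "code_challenge_method": "S256",
    }
    return f"{AUTHORIZE_URL}?{urlencode(params)}"


def parse_callback(callback_url, expected_state):
    """Result of step 1: extract the code from the redirect, rejecting a
    mismatched state (login CSRF / session mix-up) or an error response."""
    qs = parse_qs(urlparse(callback_url).query)
    if qs.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: possible CSRF or mixed-up session")
    if "error" in qs:
        raise ValueError(f"authorization failed: {qs['error'][0]}")
    return qs["code"][0]


def build_token_request(client_id, redirect_uri, code, verifier):
    """Step 2: form body the client POSTs to the token interface.
    A public client sends no client secret; the verifier proves it started the flow."""
    return {
        "grant_type": "authorization_code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "code": code,
        "code_verifier": verifier,
    }


def server_verify(stored_challenge, presented_verifier):
    """What the authorization server checks before issuing tokens: the verifier
    presented with the code must hash to the challenge stored with that code."""
    return secrets.compare_digest(make_challenge(presented_verifier), stored_challenge)


if __name__ == "__main__":
    # Constructed walk-through of both steps with placeholder values.
    client_id, redirect_uri = "my-public-app", "https://app.example.com/callback"
    verifier, state = make_verifier(), b64url(secrets.token_bytes(16))
    print("Step 1 URL:", build_authorize_url(client_id, redirect_uri, "openid", state, verifier))
    # Simulated redirect back from the authorization interface:
    code = parse_callback(f"{redirect_uri}?code=SplxlOBeZQQYbYS6WxSbIA&state={state}", state)
    print("Step 2 body:", build_token_request(client_id, redirect_uri, code, verifier))
    print("Server accepts verifier:", server_verify(make_challenge(verifier), verifier))
```

The state check in parse_callback and the verifier check in server_verify are independent: the first protects the user's session on the client side, the second binds the authorization code to the client instance that requested it.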
Implicit Flow
This flow returns the tokens directly:
- tokens are returned directly by the authorization interface
- there is no notion of a Refresh Token
- long-lived tokens are not allowed
Flow for Native and Single Page applications.
This flow has been deprecated. Please use the PKCE flow instead.