From edc2fa5423208a2f0c6c071f24b5bafc6c8fee9e Mon Sep 17 00:00:00 2001 From: Lars Windolf Date: Thu, 26 Oct 2023 00:51:54 +0200 Subject: [PATCH] Fix typo --- docs/attacking_web_applications/oauth_attacks.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/attacking_web_applications/oauth_attacks.md b/docs/attacking_web_applications/oauth_attacks.md index 486605df..6081ad59 100644 --- a/docs/attacking_web_applications/oauth_attacks.md +++ b/docs/attacking_web_applications/oauth_attacks.md @@ -23,7 +23,7 @@ In OAuth terminology one talks about different grant_types. There are four diffe 3. Resource owner password credentials - This is the problem that I previously wrote that OAuth tries to solve. 4. Client credentials -## Authroization code - Code Flow +## Authorization code - Code Flow Let's walk through the grant type Authorization code. This is usually called Code Flow. It is the most complex form, but probably also the most secure. It is divided into two parts: Authorization flow and Token Flow.