I followed the documentation regarding how to implement Authentication Code Flow
- Authorization Code Flow
Add Login Using the Authorization Code
Also, as was suggested in the latter, I followed the Quckstart as well, making sure my code and config are identical to the given example.
Then I disabled all the authentication flows except Authorization Code and Refresh Token. Now I when I try login with my test user I get an error saying:
unauthorized_client : Grant type ‘implicit’ not allowed for the client.
When I enable Implicit flow of course it works, but why would I need to enable it even though the documentation says I’m doing an Authorization Code flow?
If the documentation is wrong (or misleading) how can I enable Authorization Code flow (as opposed to Implicit flow) in the given ASP.NET MVC (OWIN) example?