RFC 6749 Section 2.1: OAuth 2.0 Client Types


OAuth defines two types of clients: confidential clients and public clients.

Confidential clients are applications that are able to securely authenticate with the authorization server, for example being able to keep their registered client secret safe.

Public clients are unable to use registered client secrets, such as applications running in a browser or on a mobile device.

More resources