Before authorization begins, it first generates a random string to use for the state
parameter. The client will need to store this to be used in the next step.
/authorize?
response_type=token
&client_id=
&redirect_uri=/implicit.html
&scope=photo
&state=
For this demo, we've gone ahead and generated a random state parameter (shown above) and saved it in a cookie.
Click "Authorize" below to be taken to the authorization server. You'll need to enter the username and password that was generated for you.