No extra server-side configuration necessary.
When I created a new Doorkeeper::Application
in my Rails app, the Doorkeeper interface gave me an Authorize link with response_type=code
in it for that application.
I changed that to response_type=token
and when I do a GET request to that, it responds immediately with access_token
instead of code
. The Authorize URL looks like http://my-rails-doorkeeper-app/oauth/authorize?client_id=1234&redirect_uri=http://my-angularjs-app&response_type=token
.
Update :
This can only be applied when we also allow implicit grant for the grant flow. By default, doorkeeper will allow its four kinds of flow (implicit grant, authorization grant, password, and client_credentials).
You can configure it in initializer/doorkeeper.rb
if you don't want to let it happens since sometimes it can be dangerous.