The OAuth 2.0 authorization code grant type, also known as the auth code flow, allows a client application to obtain authorized access to protected resources like web APIs. This flow requires a user-agent (such as a web browser) that supports redirection from the authorization server (for example, PingFederate or EntraID) back to your application. The accepted authorization code is then exchanged by the Service Provider Server (ThingWorx) for a token.