OpenIDConnect - Hybrid flow
Hybrid flow is another OAuth 2.0 feature for which Identify has support from version 5.5. The specification is at https://openid.net/specs/openid-connect-core-1_0.html#HybridFlowAuth.
In short, this flow is a combination of the code flow and the implicit flow. It allows the user-agent to retrieve an identity token immediately for quick usage the same way that the implicit flow does but still allows a client to negotiate authorization code via one round trip to the Identify OAuth 2.0 server just as how the code flow does.
The flow supports all three response types:
code id_token
code token
code id_token token
In other words, this flow can obtain an authorization code and tokens (id token and/or access token) from the Identify OAuth 2.0’s authorization endpoint, it also can request a token from the token endpoint.
You can find samples for ASPNetWebMvc and NancyOwinClient on our GitHub repository that illustrates how to execute a hybrid flow request against Identify OAuth 2.0 authorization server.
Please note that you must set 2 options "Allow code flow" and "Allow implicit flow" enabled on the OpenID Connect application to use the hybrid flow.