Before authorization begins, it first generates a random string to use for the
state parameter. The client will need to store this to be used in the next step.
/authorize? response_type=token &client_id= &redirect_uri=/implicit.html &scope=photo &state=
For this demo, we've gone ahead and generated a random state parameter (shown above) and saved it in a cookie.
Click "Authorize" below to be taken to the authorization server. You'll need to enter the username and password that was generated for you.