The security token service included with Smart API Manager is based on IdentityServer4, so the authorization requests you code up in your client are based on the requirements and standards defined by IdentityServer4.
You don't have to be familiar with every detail of IdentityServer to program with Smart APIs. The information provided here is for completeness.
If you want to learn more, here are some links to start with:
-
To learn more about IdentityServer4, see the IdentityServer4 documentation
-
For a big-picture overview, see: Introduction to OpenID Connect, OAuth2 and IdentityServer
-
For more code-centric talk, see: An Introduction to IdentityServer