Difference between revisions of "OAuth 2.0"
(→Authorization types (Grant types)) |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | <div style="float:right">__TOC__</div> | ||
SoFurry uses OAuth 2.0 to provide authorized access to its API. | SoFurry uses OAuth 2.0 to provide authorized access to its API. | ||
| Line 9: | Line 10: | ||
::A wealth of client libraries and example code are compatible with SoFurry's OAuth implementation. | ::A wealth of client libraries and example code are compatible with SoFurry's OAuth implementation. | ||
*'''Easy:''' | *'''Easy:''' | ||
| − | ::Using OAuth is easy for both users and developers. All a user has to do to grant access to a certain application is to | + | ::Using OAuth is easy for both users and developers. All a user has to do to grant access to a certain application is to click on the "Authorize" button on SoFurry when asked. |
| + | |||
| + | == Authorization types (Grant types) == | ||
| + | SoFurry supports multiple grant types: | ||
| + | |||
| + | *'''Authorization code''' | ||
| + | *'''Client credentials''' | ||
| + | *'''User credentials''' | ||
| + | |||
| + | Though, to provide better security, only the "Authorization code" and "Client credential" type can be used by 3rd-party developers. | ||
| + | |||
| + | Furthermore, SoFurry also supports refresh tokens. | ||
| + | |||
| + | |||
| + | For a complete tutorial on how to connect to the SF API, look here: [[Tutorial: Connecting to the SoFurry API]] | ||
| + | |||
| + | == SoFurry and OAuth 2.0 == | ||
| + | The '''SoFurry OAuth endpoints''' can be reached under: | ||
| + | |||
| + | *'''Authorization endpoint''' (Auth server): https://www.sofurry.com/auth/authorize | ||
| + | *'''Token endpoint''' (Auth server): https://www.sofurry.com/auth/token | ||
| + | |||
| + | The '''resource server URLs''' (for API v3) can be found here: [[:Category:REST API calls|SoFurry API calls]] | ||
| + | |||
| + | == Authorization code request flow == | ||
| + | [[File:OAuth Auth code flow.png]] | ||
| + | |||
| + | |||
| + | == Client credentials request flow == | ||
| + | [[File:OAuth Client credentials flow.png]] | ||
Latest revision as of 10:13, 6 March 2016
SoFurry uses OAuth 2.0 to provide authorized access to its API.
Error creating thumbnail: File missing
Features
- Secure:
- Users are not required to share their passwords with 3rd party applications, increasing account security.
- Standard:
- A wealth of client libraries and example code are compatible with SoFurry's OAuth implementation.
- Easy:
- Using OAuth is easy for both users and developers. All a user has to do to grant access to a certain application is to click on the "Authorize" button on SoFurry when asked.
Authorization types (Grant types)
SoFurry supports multiple grant types:
- Authorization code
- Client credentials
- User credentials
Though, to provide better security, only the "Authorization code" and "Client credential" type can be used by 3rd-party developers.
Furthermore, SoFurry also supports refresh tokens.
For a complete tutorial on how to connect to the SF API, look here: Tutorial: Connecting to the SoFurry API
SoFurry and OAuth 2.0
The SoFurry OAuth endpoints can be reached under:
- Authorization endpoint (Auth server): https://www.sofurry.com/auth/authorize
- Token endpoint (Auth server): https://www.sofurry.com/auth/token
The resource server URLs (for API v3) can be found here: SoFurry API calls
Authorization code request flow
Client credentials request flow
