OAuth 2.0

From SoFurry
Revision as of 22:01, 5 March 2016 by TerraBAS (talk | contribs)
Jump to: navigation, search

SoFurry uses OAuth 2.0 to provide authorized access to its API.

Error creating thumbnail: File missing


  • Secure:
Users are not required to share their passwords with 3rd party applications, increasing account security.
  • Standard:
A wealth of client libraries and example code are compatible with SoFurry's OAuth implementation.
  • Easy:
Using OAuth is easy for both users and developers. All a user has to do to grant access to a certain application is to klick on the "Authorize" button on SoFurry when asked.

Authorization types (Grant types)

SoFurry supports multiple grant types:

  • Authorization code
  • Client credentials
  • User credentials

Though, to provide better security, only the "Authorization code" and "Client credential" type can be used by 3rd-party developers.

Furthermore, SoFurry also supports refresh tokens.

For a complete tutorial on how to connect to the SF API, look here. (Link pending)

SoFurry and OAuth 2.0

The SoFurry OAuth endpoints can be reached under:

The resource server URLs (for API v3) can be found here: SoFurry API calls

Authorization code request flow

OAuth Auth code flow.png

Client credentials request flow

OAuth Client credentials flow.png