Public API - OAuth Protocol

OAuth Protocol

The Client-facing API uses the standard OAuth 1.0a flow, with one exception: there is no User Authorization for Consumer Access to Resources, because no user-owned data is involved. General information on OAuth 1.0a can be found at http://tools.ietf.org/html/rfc5849. For how to send and sign an OAuth 1.0 request, see http://oauth.net/core/1.0/#signing_process.

OAuth Endpoints

  • Request Credentials (Token): https://services.foresee.com/services/oauth/request_token
  • User Authorization: https://services.foresee.com/services/oauth/user_authorization
  • Access Token: https://services.foresee.com/services/oauth/access_token

Code Examples

Examples of ForeSee’s OAuth authentication code libraries.

ForeSee’s OAuth 1.0a Flow Description

1. User requests protected Consumer endpoint, such as /currentUser.
2. Decision Point – Is User authenticated?
2.1. If No:
2.1.1. Consumer retrieves request credentials from Services using client credentials.
2.1.2. Consumer attempts to authenticate with request credentials.
2.1.3. Decision Point – Is User logged in already?
2.1.3.1. If No:
2.1.3.1.1. Consumer redirects to Services login.
2.1.3.1.2. User logs in using Services (portal) Username and Password.
2.1.3.2. Services authenticates request credentials.
2.1.3.3. Services redirects to Consumer callback URL using authorized credentials.
2.1.3.4. Consumer retrieves token (access) credentials from Services using authorized credentials.
2.2. Consumer returns protected endpoint.
2.3. Consumer requests resource from Services using access credentials.
2.4. Decision Point – Is User authorized?
2.4.1. If Yes: Services returns resource.
2.4.2. If No: Services returns 401 status code.
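The signing behind step 2.1.1 (requesting request credentials with client credentials only), together with the server-side check Services would perform, as an added example that is not ForeSee's own code. It assumes the HMAC-SHA1 signature method and a POST request, neither of which this page specifies; the function names, keys and callback URL are hypothetical.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qsl, quote, urlsplit

REQUEST_TOKEN_URL = "https://services.foresee.com/services/oauth/request_token"

def pct(value):
    """Percent-encode per RFC 5849 section 3.6 (only unreserved characters stay literal)."""
    return quote(str(value), safe="-._~")

def base_string(method, url, oauth_params):
    """Signature base string per RFC 5849 section 3.4.1."""
    parts = urlsplit(url)
    host = parts.netloc.lower()
    default = {"http": ":80", "https": ":443"}.get(parts.scheme.lower(), "")
    if default and host.endswith(default):
        host = host[: -len(default)]  # default ports are not part of the signed URI
    uri = f"{parts.scheme.lower()}://{host}{parts.path or '/'}"
    # Query parameters are signed together with the oauth_* protocol parameters.
    pairs = parse_qsl(parts.query, keep_blank_values=True) + list(oauth_params.items())
    pairs = [(k, v) for k, v in pairs if k not in ("oauth_signature", "realm")]
    normalized = "&".join(f"{k}={v}" for k, v in sorted((pct(k), pct(v)) for k, v in pairs))
    return "&".join([method.upper(), pct(uri), pct(normalized)])

def sign(method, url, oauth_params, client_secret, token_secret=""):
    """HMAC-SHA1 (assumed method); key is client secret '&' token secret (empty before a token exists)."""
    key = f"{pct(client_secret)}&{pct(token_secret)}".encode()
    mac = hmac.new(key, base_string(method, url, oauth_params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def verify(method, url, oauth_params, client_secret, token_secret=""):
    """Server-side check: recompute the signature and compare in constant time."""
    expected = sign(method, url, oauth_params, client_secret, token_secret)
    return hmac.compare_digest(expected, oauth_params.get("oauth_signature", ""))

def authorization_header(oauth_params):
    return "OAuth " + ", ".join(f'{pct(k)}="{pct(v)}"' for k, v in sorted(oauth_params.items()))

def signed_request_token_params(client_key, client_secret, callback, nonce, timestamp):
    """Step 2.1.1: request credentials are requested with client credentials only."""
    # nonce and timestamp are passed in so the result is reproducible; real callers
    # would use secrets.token_hex() and int(time.time()).
    params = {"oauth_consumer_key": client_key, "oauth_signature_method": "HMAC-SHA1",
              "oauth_timestamp": str(timestamp), "oauth_nonce": nonce,
              "oauth_callback": callback, "oauth_version": "1.0"}
    params["oauth_signature"] = sign("POST", REQUEST_TOKEN_URL, params, client_secret)
    return params
```

Because the callback URL, nonce and timestamp are all inside the signed base string, changing any of them in transit makes `verify` fail; replay protection still depends on the server rejecting reused nonces.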

ForeSee’s OAuth 1.0a Flow Illustration

[Image: oAuthFlow diagram]
