The Client-facing API uses the standard OAuth 1.0a flow with the exception of having no User Authorization for Consumer Access to Resources since there is no data involved which is owned by the user. General information on OAuth 1.0a can be found at http://tools.ietf.org/html/rfc5849. You can also find information on how to send and sign an OAuth 1.0 request at http://oauth.net/core/1.0/#signing_process.
- Request Credentials (Token): https://services.foresee.com/services/oauth/request_token
- User Authorization: https://services.foresee.com/services/oauth/user_authorization
- Access Token: https://services.foresee.com/services/oauth/access_token
Examples of ForeSee’s oAuth authentication code libraries.
ForeSee’s OAuth 1.0a Flow Description
1. User requests protected Consumer endpoint, such as /currentUser.
2. – Is User authenticated?
2.1. If No:
2.1.1. Consumer retrieves request credentials from Services using client credentials.
2.1.2. Consumer attempts to authenticate with request credentials.
2.1.3. – Is User logged in already?
220.127.116.11 If No:
18.104.22.168.1. Consumer redirects to Services login.
22.214.171.124.2. User logs in using Services (portal) Username and Password.
126.96.36.199. Services authenticates request credentials.
188.8.131.52. Services redirects to Consumer callback URL using authorized credentials.
184.108.40.206. Consumer retrieves token (access) credentials from Services using authorized credentials.
2.2. Consumer returns protected endpoint.
2.3. Consumer requests resource from Services using access credentials
2.4. – Is User authorized?
2.4.1. If Yes – Services returns resource.
2.4.2. If No – Services returns 401 status code.
ForeSee’s OAuth 1.0a Flow Illustration