OAuth 1.0 clients
The OAuth standard framework enables secure, delegated access to services over HTTPS. OAuth issues tokens (sometimes called "valet keys") that grant access to your data hosted by a specific service provider. Each token grants access to a specific site, for specific resources, for a defined period of time. A later version of this protocol, OAuth 2.0, uses a different data instance type.
Your applications can act as an OAuth 1.0 consumer and client. As a result, your application can access private resources stored in external websites like LinkedIn, which support the OAuth 1.0 protocol.
Create an OAuth Client data instance to allow your application to securely access Web Service APIs such as those provided by LinkedIn.com, Twitter.com, and Flickr.com, without storing or disclosing individual users' names and passwords. For example, you can query your LinkedIn account for information about your connections to help you build relationships with customers with whom you connect through your application.
Activities that submit information to the external application and receive tokens back from it use the data stored in the OAuth Client data instance.
Each external application handles OAuth in its own way. Consult the API guide for the application that you want to work with. At a high level, the process involves these steps:
- Get a request token. This is a temporary token that the application that you want to connect to uses to authenticate you. When you obtain a request token, you also get a token secret.
- Obtain user authorization from the application that you want to connect to, specifying the permissions (read, write, delete) that you want to use.
- Exchange the request token for an access token, which your application stores in a map value rule for reuse.
- After you get the access token, use it to make authenticated requests to the application you want to connect to, through its provided API.