Allowing a Consumer Application to Access the Resources of an Atlassian Servicer Provider
The following procedure uses an Atlassian gadget to demonstrate how an application (the consumer) can access the resources of your Atlassian application via OAuth, on your behalf. For the consumer application to gain access to your Atlassian application's resources, you must have a user account with your Atlassian application.
To allow a consumer application to access your Atlassian application's resources via a gadget,
Ensure that the consumer application has been configured as a consumer of your Atlassian application's resources via OAuth.
Add a gadget of your Atlassian application to the consumer application. For more information on how to do this, please refer to the following topics:
Once your gadget has been added to the consumer application, the gadget displays a message along its top edge, indicating that if you are a registered user of your Atlassian application, more of its resources may be available to you.
If you do not see this message, you may need to log in to the consumer application.
Click the 'Login & approve' button.
A new window is displayed with your Atlassian application's login screen. Enter your Atlassian application's user account login details into this page.
If you are already logged in to your Atlassian application on the same computer, this step might be skipped.
If your login credentials were recognised by your Atlassian application, the 'Request for Access' page is displayed, requesting that you approve or deny the consumer application access to your Atlassian application's resources. Click the 'Approve Access' button to approve this access.
The Request for Access window closes and the message along the top of your gadget on the consumer application will be removed. This gadget will now be able to access the resources of your Atlassian application, based on your Atlassian application's user account credentials.
Screenshot: Approving a Gadget's Access to your Resources
Screenshot: Request for Access Message
Screenshot: A Gadget after OAuth Access has been Approved
Revoking Access Tokens
Once you have allowed a consumer application to access an Atlassian service provider's resources on your behalf, the access token issued to the consumer will be accessible from your account area of the Atlassian service provider application. This area shows all access tokens issued by the service provider to all consumer applications, to whom you have granted access to your service provider's resources.
You can revoke any access token from this area. Doing this prevents the applicable consumer application from accessing the service provider's resources on your behalf until you grant that consumer access again.
To revoke an access token,
Go to your 'OAuth Access Tokens' page of the Atlassian service provider application.
Click the 'Revoke OAuth Access Token' link next to the access token of the consumer application whose access you wish to revoke.
The consumer's access token is removed from your 'OAuth Access Tokens' list.