...
The OAuth protocol has the following typical workflow:
[Diagram: OAuth Workflow]
1. Establish an OAuth relationship between a consumer and a service provider. A relationship is typically 'unidirectional', in which one application is the consumer and the other is the service provider. However, depending on the applications involved, this relationship could be established on either the consumer's or service provider's OAuth configuration areas. This step only needs to be performed once, but it must be completed before your consumer and service provider can communicate via OAuth.
2. When the consumer needs to access the service provider's resources, the consumer asks the service provider for a 'request token', which is the initial step in the consumer's request to access the service provider's resources. Like access tokens, request tokens are also dissociated from a user's authentication details.
3. The service provider first validates that this request came from one of its registered consumers (established in step 1), then creates a request token and gives it to the consumer.
4. Once the consumer receives the request token, the consumer asks the user to approve the request token by sending the user to the service provider. If the user is required to log in to the service provider, they will be prompted to do so.
5. The user is then prompted to either approve or deny the consumer's access to the request token.
6. Once the user approves access, the service provider exchanges the consumer's approved request token for an access token.
7. The consumer then uses the access token to access the service provider's permitted resources. The consumer can continue to access the service provider's resources until either the access token expires, or the user revokes the access token on the service provider. If the consumer needs to access the service provider's resources after either of these events occurs, then the OAuth workflow would start again from step 2 (above).
Access tokens issued by Atlassian applications expire after seven days.
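The token lifecycle in steps 2 to 7, modelled from the service provider's side as an added example (not Atlassian's code). The `ServiceProvider` class and its method names are hypothetical, and request signing and the HTTP exchange are left out so that only the token state is shown.

```python
import secrets
import time

ACCESS_TOKEN_TTL = 7 * 24 * 3600  # seven days, as stated above

class ServiceProvider:
    """Hypothetical in-memory model of the service provider's token state."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.consumers = set()      # step 1: registered consumer keys
        self.request_tokens = {}    # token -> {"consumer", "user"}
        self.access_tokens = {}     # token -> {"consumer", "user", "expires"}

    def register_consumer(self, consumer_key):
        self.consumers.add(consumer_key)

    def issue_request_token(self, consumer_key):
        # Step 3: only registered consumers get a request token.
        if consumer_key not in self.consumers:
            raise PermissionError("unregistered consumer")
        token = secrets.token_urlsafe(16)
        self.request_tokens[token] = {"consumer": consumer_key, "user": None}
        return token

    def approve(self, request_token, user):
        # Steps 4-5: the logged-in user approves the request token.
        self.request_tokens[request_token]["user"] = user

    def exchange(self, consumer_key, request_token):
        # Step 6: an approved request token is swapped once for an access token.
        entry = self.request_tokens.get(request_token)
        if not entry or entry["consumer"] != consumer_key or entry["user"] is None:
            raise PermissionError("request token not approved for this consumer")
        del self.request_tokens[request_token]
        token = secrets.token_urlsafe(16)
        self.access_tokens[token] = {**entry, "expires": self.clock() + ACCESS_TOKEN_TTL}
        return token

    def authorize(self, access_token):
        # Step 7: valid until expiry or revocation; returns the user or None.
        entry = self.access_tokens.get(access_token)
        if entry is None or self.clock() >= entry["expires"]:
            return None
        return entry["user"]

    def revoke(self, access_token):
        self.access_tokens.pop(access_token, None)
```

The injectable `clock` lets expiry be checked without waiting seven days.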
...
An Atlassian application's OAuth administration page is available from within the application's administration area.