OAuth 2.0 and Authorization Code Grant Overview

OAuth 2.0 with the authorization code grant is a way for applications like GENESIS to securely access your data on another service without needing a password. This is how it works:

  1. Application registration: You register the desired application on the REST API that you want to access. During this process, you receive a client ID and a client secret. You also need to specify a redirect URL, which the REST API uses to post the temporary code to GENESIS during authentication.
  2. User authorization: You log into the REST API and grant permission for the application to access your data.
  3. Authorization code: The service sends GENESIS a temporary code.
  4. Access token: GENESIS exchanges this code for an access token by securely communicating with the service.
  5. Data access: With the access token, GENESIS can now access your data on the service, but only within the permissions you granted.

Once the authentication is complete and the access token is retrieved, GENESIS saves the access token securely to use it for data access. If the REST API returns a refresh token, it is stored as well and used to automatically refresh the access token when it expires.

This process ensures that your password is never shared with the application, and the access token can be limited in scope and duration. For more information, refer to Web Services Authentication Methods.
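The client side of steps 2 to 4 above, as an added Python example (not GENESIS code or the code of any particular REST API). It assumes the temporary code arrives as query parameters on the redirect URL and that a `state` value binds the callback to the request, as described in RFC 6749; the URLs, client ID, and values are constructed placeholders.

```python
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed placeholder values (assumptions; not GENESIS or any real service).
AUTHORIZE_URL = "https://api.example.com/oauth/authorize"
REDIRECT_URI = "https://client.example.com/callback"
CLIENT_ID = "example-client-id"

def build_authorization_url(scope, state):
    """Step 2: URL the user's browser opens to log in and grant permission."""
    query = urlencode({
        "response_type": "code", "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI, "scope": scope, "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}"

def extract_code(callback_url, expected_state):
    """Step 3: accept the temporary code only if the callback matches our request."""
    parsed = urlparse(callback_url)
    params = parse_qs(parsed.query)
    if f"{parsed.scheme}://{parsed.netloc}{parsed.path}" != REDIRECT_URI:
        raise ValueError("callback arrived on an unexpected redirect URL")
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    returned = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the callback is not ours.
    if not secrets.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]

def build_token_request(code, client_secret):
    """Step 4: form body the client POSTs to the token endpoint."""
    return {
        "grant_type": "authorization_code", "code": code,
        "redirect_uri": REDIRECT_URI, "client_id": CLIENT_ID,
        "client_secret": client_secret,  # sent only over TLS, never in a URL
    }

if __name__ == "__main__":
    state = secrets.token_urlsafe(32)  # fresh, unguessable value per request
    print(build_authorization_url("read", state))
    code = extract_code(f"{REDIRECT_URI}?code=constructed-code&state={state}", state)
    print(build_token_request(code, "constructed-secret"))
```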

What's Next?

Authenticating with OAuth 2.0 and Authorization Code Grant