OAuth 2.0 and Client Credentials Overview
OAuth 2.0 with the client credentials grant is a way for applications like GENESIS to securely access your data on another service without needing a password. This method is typically used for server-to-server interactions, like when a back-end service (GENESIS) needs to access another service's API without user involvement. For more information, refer to Authentication Methods.
This is how it works:
- Register Application: You register the desired application on the REST API that you want to access. During this process, you receive a client ID and a Client Secret code.
- Request Token: GENESIS uses the client ID and client secret to request an access token from the service.
- Receive Access Token: The REST API verifies the credentials and provides an access token.
- Access Resources: GENESIS uses this access token to access the resources on the REST API.
Once the authentication is complete and the access token is retrieved, GENESIS saves the access token securely to use it for data access. If the REST API returns a refresh token, it is stored as well and used to automatically refresh the access token when it expires.
What's Next?