| Info |
|---|
OAuth 2.0 is a multi step process to request an authentication token, which can then be used to make authenticated HTTP requests. See Introduction to OAuth 2.0 for a thorough explanation. Iguana connects with services which use OAuth 2.0 authentication, so it is important to know how this can be accomplished. |
...
Basic Workflow
The basic OAuth 2.0 workflow is shown in the following diagram. There are three main steps.
The client is provided an “Authorization Grant”, a permanent (or semi-permanent, expiring after a period of months or years) token used for making an initial request to retrieve an access token. These are commonly in the JWT format.
The client sends the “Authorization Grant” to the OAuth server or service provider. The server verifies the legitimacy of the “Authorization Grant” and sends back an access token to the client. This access token will be impermanent and expire after a short period of time (often one hour).
The client sends their HTTP request, with the access token in the header, to the OAuth server. The server confirms the legitimacy of the access token and forwards the HTTP request to the web service endpoint, and forwards the response back to the client.
Sample Script
The following code is an example of a translator script which sends an HTTP request to a web service endpoint.
...