Open Authorization
Added by IBM contributorIBM | Edited by IBM contributorElizabeth Bowling on October 7, 2015
Rate this article 1 starsRate this article 2 starsRate this article 3 starsRate this article 4 starsRate this article 5 stars

Open Authorization (OAuth) enables third-party applications to ask your IBM® Connections Cloud users for access to their data.

Connections Cloud now supports both OAuth 1.0 and OAuth 2.0 standard authorization protocols. Third-party applications ("consumer" applications) can use a combination of OAuth and the Connections Cloud API to access user data stored in Connections Cloud.

Before a consumer application can access a user's IBM Connections data, an IBM Connections administrator must register the application. When the user accesses the application, the client and the server perform the "OAuth dance" in which information is exchanged. The application requests permission from the client to access user data; the client give the application explicit permission.

After the consumer application is registered and has permission to access user data, it can employ the user's data, and push its own data to a user's status updates. In this scenario, the application receives permission to access all of the user's data, including photographs, personal profile information, and any content they have added anywhere in Connections Cloud. For example, a social networking application could display a user's profile picture and personal information. It could also push status updates the user makes in the consumer application to the Connections Cloud activity stream and status updates.

Parent topic: Developing cloud applications