Connections Cloud now supports both OAuth 1.0 and OAuth 2.0 standard authorization protocols. Third-party applications ("consumer" applications) can use a combination of OAuth and the Connections Cloud API to access user data stored in Connections Cloud.
Before a consumer application can access a user's IBM Connections data, an IBM Connections administrator must register the application. When the user accesses the application, the client and the server perform the "OAuth dance" in which information is exchanged. The application requests permission from the client to access user data; the client give the application explicit permission.
After the consumer application is registered and has permission to access user data, it can employ the user's data, and push its own data to a user's status updates. In this scenario, the application receives permission to access all of the user's data, including photographs, personal profile information, and any content they have added anywhere in Connections Cloud. For example, a social networking application could display a user's profile picture and personal information. It could also push status updates the user makes in the consumer application to the Connections Cloud activity stream and status updates.
Parent topic: Developing cloud applications