OAuth 2.0

Secure and convenient way to integrate your application with Pleo

What is OAuth?

OAuth 2.0, or simply OAuth, is an industry standard for secure authorisation for web applications, allowing them to request access to user-owned resources from external resource providers, without asking users for their access credentials, such as passwords.

In Pleo, we provide an implementation of an OAuth authorization server, allowing partners to register and publish applications using OAuth capabilities to get access to Pleo APIs.


How to use OAuth

In order to integrate your application with Pleo using OAuth, you need to:

  1. Register your application and receive OAuth client credentials: client identifier and client secret.
  2. Integrate an OAuth client library in your application (recommended), or implement it from scratch.
  3. Configure your OAuth client to work with Pleo's authorization server.

After completing these steps, users of your application will be able to securely connect it to Pleo in just a few clicks.


Roles

The OAuth specification defines four roles participating in the protocol. Here's what they mean in the context of Pleo.

Resource owner — Pleo customer, a company or an organisation (multi-entity company) which owns a number of protected resources, such as accounting data, list of employees, etc.

Resource server — Pleo APIs providing access to protected resources.

Client — Partner-developed integration performing requests to Pleo APIs on behalf of Pleo customers. The focus of this document is enabling the development of clients.

Authorization server — Pleo service providing OAuth implementation, allowing clients to request access to resource servers, and resource owners to grant such access.


What’s Next

Start by registering your application