What is OAuth 2.0?
OAuth 2.0 is an industry standard for secure authorisation of web applications. It allows them to request access to user-owned resources from external resource providers without asking users for their access credentials, such as passwords. A few important characteristics of OAuth 2.0:
- OAuth 2.0 does not ask for users’ credentials in order to grant access.
- OAuth 2.0 also restricts actions: it controls what an external website or application can do with the resources hosted on other websites or applications.
Roles
OAuth 2.0 is a standard designed for access delegation. The following four roles participate in the OAuth 2.0 protocol (explained here in the context of integrating with Pleo):
- Resource owner: Pleo’s customer, a company or an organisation (multi-entity setup) that owns a number of protected resources, such as accounting data, list of employees, etc.
- Resource server: Pleo APIs, which provide access to the protected resources.
- Client: Third-party applications that the Developer Partner wants to integrate with Pleo.
- Authorisation server: Pleo provides an OAuth 2.0 implementation that fulfils the following:
  - Allows clients to request access to resource servers.
  - Helps resource owners to grant access to clients.
Use of OAuth 2.0 in Pleo
In Pleo, we provide an implementation of an OAuth 2.0 authorisation server to help you with the following:
- Integrate third-party applications with Pleo using OAuth 2.0 as the authorisation method.
- Use OAuth 2.0 to access the Pleo APIs.
How to use OAuth 2.0?
In order to integrate your application with Pleo using OAuth 2.0, you must perform the following:
- Register your application and receive OAuth 2.0 client credentials: a client identifier and a client secret.
- Integrate an OAuth 2.0 client library in your application.
- Configure your OAuth 2.0 client to work with Pleo’s authorisation server.