What is OAuth?

OAuth 2.0, or simply OAuth, is an industry standard for secure authorisation of web applications. It allows an application to request access to user-owned resources held by an external resource provider without asking users for their access credentials, such as passwords.

A few important characteristics of OAuth 2.0:

  • To grant access, OAuth does not ask for the user's credentials.
  • OAuth 2.0 also restricts actions: it controls what an external website or application is allowed to do with the resources hosted on another website or application.

Implementation of OAuth in Pleo

In Pleo, we provide an implementation of an OAuth authorisation server, where we allow Developer Partners to do the following:

  • Integrate third-party applications with Pleo.
  • Access the Pleo APIs for transferring accounting data of customers recorded in Pleo to the third-party applications.

How to use OAuth?

In order to integrate your application with Pleo using OAuth, you must perform the following:

  1. Register your application and receive OAuth client credentials: a client identifier and a client secret.
  2. Integrate an OAuth client library in your application (recommended) or implement it from scratch.
  3. Configure your OAuth client to work with Pleo's authorisation server.

After completing these steps, users of your application can securely transfer data from Pleo.
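To make the three steps concrete, here is an added example (not Pleo's own code or library) of a minimal OAuth 2.0 authorization-code client: it stores the registered client credentials (step 1), builds the authorisation request with a random state value, validates the redirect back from the authorisation server, and prepares the token-exchange request (steps 2 and 3). All URLs, the credentials and the scope name are placeholder assumptions; substitute the values from your own registration and from Pleo's documentation.

```python
"""Minimal OAuth 2.0 authorization-code client (added example, not Pleo's code).

Every URL, credential and scope below is a placeholder assumption.
"""
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Step 1: credentials received at registration (placeholders).
CLIENT_ID = "example-client-id"
CLIENT_SECRET = "example-client-secret"
REDIRECT_URI = "https://partner.example/oauth/callback"

# Step 3: authorisation-server endpoints (placeholders, not Pleo's real URLs).
AUTHORIZE_URL = "https://auth.example/oauth/authorize"
TOKEN_URL = "https://auth.example/oauth/token"


class OAuthClient:
    def __init__(self):
        # State values issued but not yet redeemed. A real application keeps
        # these per browser session; a set is enough for a demonstration.
        self._pending_states = set()

    def build_authorization_url(self, scope):
        """Return the URL to send the resource owner to, plus the state issued."""
        # Unpredictable state ties the callback to this request (CSRF defence).
        state = secrets.token_urlsafe(32)
        self._pending_states.add(state)
        params = {
            "response_type": "code",
            "client_id": CLIENT_ID,
            "redirect_uri": REDIRECT_URI,
            "scope": scope,
            "state": state,
        }
        return f"{AUTHORIZE_URL}?{urlencode(params)}", state

    def handle_callback(self, callback_url):
        """Validate the redirect from the authorisation server and return the code.

        Raises ValueError when the state is missing, unknown or reused, when the
        server reported an error, or when no code is present.
        """
        query = parse_qs(urlparse(callback_url).query)
        state = query.get("state", [None])[0]
        if state is None or state not in self._pending_states:
            raise ValueError("unknown or missing state parameter")
        self._pending_states.discard(state)  # each state is single-use
        if "error" in query:
            raise ValueError(f"authorisation failed: {query['error'][0]}")
        code = query.get("code", [None])[0]
        if not code:
            raise ValueError("callback carries no authorization code")
        return code

    def build_token_request(self, code):
        """Return (url, form_fields) for exchanging the code for tokens.

        The client secret travels in the POST body over TLS, never in a URL.
        """
        fields = {
            "grant_type": "authorization_code",
            "code": code,
            "redirect_uri": REDIRECT_URI,
            "client_id": CLIENT_ID,
            "client_secret": CLIENT_SECRET,
        }
        return TOKEN_URL, fields


if __name__ == "__main__":
    client = OAuthClient()
    url, state = client.build_authorization_url("accounting:read")
    print("Send the user to:", url)
    # Constructed callback, as the browser would deliver it after consent.
    code = client.handle_callback(f"{REDIRECT_URI}?code=abc123&state={state}")
    print("Exchange at", *client.build_token_request(code))
```

The token request itself is left to your HTTP client; the point shown here is the part libraries often leave to you: issuing a fresh state per request, rejecting callbacks whose state is unknown or already used, and keeping the client secret out of query strings.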

Roles

OAuth is a standard designed for access delegation. Four roles participate in the OAuth protocol (explained here in the context of integrating with Pleo):

  • Resource owner: Pleo's customer, a company or an organisation (multi-entity setup) that owns a number of protected resources, such as accounting data, the list of employees, etc.
  • Resource server: the Pleo APIs, which provide access to the protected resources.
  • Client: the third-party application that the Developer Partner wants to integrate with Pleo.
  • Authorisation server: Pleo provides an OAuth implementation that does the following:
    • Allows clients to request access to resource servers.
    • Helps resource owners grant access to clients.