OAuth Provider overview
API Connect supports OAuth Specification 2.0, for both Native and Third party implementations.
Introduction to OAuth
OAuth is a token-based authorization protocol that allows third-party websites or applications to access user data without requiring the user to share personal information. In API Connect, you can secure an API with OAuth.
In Cloud Manager, you configure both Native and Third party OAuth providers that can be made visible to selected Provider organizations. The OAuth Provider configuration is based on the OAuth 2.0 Specification, which is available at https://tools.ietf.org/html/rfc6749. Knowledge of the OAuth 2.0 specification is required to implement an OAuth Provider in API Connect.
One of the following roles is required to configure OAuth Providers:
- Administrator
- Owner
- Topology Administrator
- Custom role with the Settings:Manage permissions