Technical Implementation
OAuth 2.0 specification
The platform has a full OAuth 2.0 server implementation which is the industry-standard protocol for authorization. Simplifying the processes for client developers / integration partners whole providing specific authorization flows for any environment such as web, tablet, desktop and mobile applications (even smart home devices) without handing over full control.
OAuth 2.0 is used everywhere, think of Facebook and Google, to startups and
cloud services.
AUTHORIZATION SERVER
This server is the interface in which the resource owner approves or denies the request made to this server from the resource server.
RESOURCE SERVER
This server is the interface for what most of us call an API; an API is a set of functions and/or procedures allowing to create apps and websites that access data from other applications, systems and/or services.
CLIENT
A client is the application that is trying to gain access to the resource owner's data. In order to get this data the client needs to obtain the permissions from the resource owner through the authorization server in order to obtain this data.
RESOURCE OWNER
The resource owner is the person who is granting access to all or some portion of their data.