Understanding OAuth 2.0
OAuth (Open Authorization) is an open standard which allows an end user's account information to be used by third-party services without exposing the user's password. This is a foundation release for PeopleSoft, so the initial support is for use with Oracle Identity Cloud Service (IDCS) and Chatbot REST Services.
Currently, the only authentication options for provider REST services are Basic Authentication and PeopleSoft Token. OAuth 2.0 is the industry-standard protocol for authorization. The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.
Item |
Description |
---|---|
Representational State Transfer (REST) |
REST is a style of software architecture for distributed hypermedia systems such as the World Wide Web. |
OAuth 2.0 |
Authorization framework that enables applications to obtain limited access to user accounts on an HTTP service. PeopleTools will only use OAuth 2.0’s AccessToken for this Authorization framework. This Access Token is not used for authentication purpose. |
Access Token |
|
Grant Access Type |
Applications can request an access token to access protected endpoints in different ways, depending on the type of grant type specified in the client application. |
Oracle Identity Cloud Service (IDCS) |
Oracle’s OAuth 2.0 Server. |