OAuth-API Based

  • The OAuth 2.0 protocol allows a resource owner to grant one website limited access to their resources hosted on another website.
  • It grants this access without exposing the resource owner's credentials.
  • Users can then revoke access to their data at any time.

Two standard types of flows are supported:

  1. API based workflow
  2. Redirection based workflow

API Based Workflow

The API-based workflow is a two-step process:

Step 1

  • Generate an OTP for the user using the Generate OTP endpoint.
  • The user receives a One Time Password (OTP) at their registered email address, valid for 10 minutes.

| HTTP Method | Resource | Description |
|---|---|---|
| GET | /oauth/authenticate/otp?username={username} | API accepts username and sends OTP to registered email. |

Step 2

  • Provide the OTP and username (the user's email) to the Verify OTP endpoint.
  • Obtain the access_token and use it with all subsequent requests.

| HTTP Method | Resource | Description |
|---|---|---|
| POST | /oauth/authenticate/otp?username={username}&otp={otp} | API accepts username and OTP to obtain resource owner's access_token. |
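
The two steps above run end to end, as an added example that is not part of the original documentation: a client that calls the documented resource, exercised against a constructed local mock. The mock's JSON bodies, status codes, 6-digit OTP format and single-use behaviour are assumptions, as are the names `MockAuth`, `call` and `demo`.

```python
import json, secrets, threading, time
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlencode, urlparse

PATH = "/oauth/authenticate/otp"  # resource named on the page
OTP_TTL = 600                     # 10-minute OTP validity, per the page
PENDING = {}                      # username -> (otp, expiry); the mock's stand-in for the mailbox

class MockAuth(BaseHTTPRequestHandler):
    """Constructed local stand-in for the service; bodies and status codes are assumed."""
    def _reply(self, code, body):
        self.send_response(code)
        self.end_headers()
        self.wfile.write(json.dumps(body).encode())
    def _query(self):
        return {k: v[0] for k, v in parse_qs(urlparse(self.path).query).items()}
    def do_GET(self):   # Step 1: issue an OTP for the username
        PENDING[self._query()["username"]] = (f"{secrets.randbelow(10**6):06d}", time.time() + OTP_TTL)
        self._reply(200, {"status": "otp sent"})
    def do_POST(self):  # Step 2: verify the OTP, then issue a token
        q = self._query()
        otp, expiry = PENDING.get(q.get("username"), ("", 0))
        if not (otp and time.time() < expiry and secrets.compare_digest(otp, q.get("otp", ""))):
            return self._reply(401, {"error": "invalid or expired otp"})
        del PENDING[q["username"]]  # single use: a replayed OTP is rejected
        self._reply(200, {"access_token": secrets.token_urlsafe(32)})
    log_message = lambda self, *args: None  # keep the demo quiet

def call(addr, method, **params):
    """One request to the OTP resource; urlencode keeps '+' and '@' in e-mail usernames intact."""
    conn = HTTPConnection(*addr, timeout=5)  # use HTTPSConnection against a real deployment
    conn.request(method, f"{PATH}?{urlencode(params)}")
    resp = conn.getresponse()
    result = resp.status, json.load(resp)
    conn.close()
    return result

def demo():
    server = HTTPServer(("127.0.0.1", 0), MockAuth)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    addr, user = server.server_address, "alice+lab@example.com"  # constructed sample user
    sent, _ = call(addr, "GET", username=user)
    otp = PENDING[user][0]  # a real client reads this from the e-mail
    tries = [call(addr, "POST", username=user, otp=o) for o in ("0" + otp, otp, otp)]
    server.shutdown()
    return {"sent": sent, "codes": [c for c, _ in tries], "token": tries[1][1].get("access_token")}

if __name__ == "__main__":
    print(demo())
```

Because both calls carry the username and OTP in the query string, they will typically be recorded in web server and proxy access logs, so treat those logs as sensitive.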

