668
edits
Changes
→Establishing Credentials
* a user interacting with a data consumer decides to connect it to her data host, triggering the consumer to redirect the user to the data host with a permission request.
* the user is prompted to approve the request, at which point the data host redirects the user's browser back to the data consumer with a confirmation code.
* the data consumer makes an API call to the data host, authenticated with the consumer's credentials, exchanging to exchange the confirmation code for an <tt>access_token</tt> (and, in OAuth 1.0, an <tt>access_token_secret</tt>.).
The resulting access token is the user-specific credential that can be used to make API calls.
