Privacy/BestPractices/OAuth: Difference between revisions

Jump to navigation Jump to search

Privacy/BestPractices/OAuth (view source)

Revision as of 22:08, 27 May 2011

8 bytes added ,  27 May 2011
→‎Making API Calls
Line 23: Line 23:
The resulting access token is the user-specific credential that can be used to make API calls.
The resulting access token is the user-specific credential that can be used to make API calls.


=== Making API Calls ===
=== Authenticating API Calls ===


To make OAuth-credentialed API calls, the consumer adds authentication information to the HTTP calls it makes. This authentication information ranges from adding the access token as a GET parameter (OAuth 2.0 bearer tokens), to canonicalizing the request and signing it with HMAC using a combination of the <tt>consumer_secret</tt> and <tt>access_token_secret</tt> (OAuth 1.0 HMAC).
To make OAuth-credentialed API calls, the consumer adds authentication information to the HTTP calls it makes. This authentication information ranges from adding the access token as a GET parameter (OAuth 2.0 bearer tokens), to canonicalizing the request and signing it with HMAC using a combination of the <tt>consumer_secret</tt> and <tt>access_token_secret</tt> (OAuth 1.0 HMAC).
BenAdida
668

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/313563"

Navigation menu