I need to connect to another web application using webservice. That web application uses OAuth protocol to connect to their api. I am new to OAuth, but I did read the documentation 😀 .
My question is, to connect my web application with their, what data do I need from them?
I basically need to get all data of resource owners.
I think I need:
- 1) consumer key and consumer secret key from that web application
company - 2) token credential from the resource owner
I need this info right?
Can I save the resource owner token credential to get data in the future without resource owner login?
In their web application, it says I can get the following info from them:
- OAuth access tokens and secrets – > are these the token credential of
the resource owner? - OAuth Service key and secret -> what are these?
Yes. You need the resource owner to authorize your application through the OAuth flow. This is signified by token credentials (this used to be called access token).
Yes. Token credentials may have limitations on them in regards to expiration time, type of resources you can access etc. But if token credentials are expired (or invalidated by the resource owner him/herself) – your requests will not be accepted and you will have to ask the resource owner for new authorization.
Yes. Until recently token credentials were called access tokens in the specification, information about the name changes can be found here: https://www.rfc-editor.org/rfc/rfc5849#section-1.1
These are most likely the consumer key and secret.