HxGN SDx uses OAuth 2 as the authorization framework that enables client applications to obtain access to data on the HxGN SDx Server API. There are four key OAuth roles involved during the authorization process:
Resource Owner: User
The resource owner is the user who authorizes an application to access data in HxGN SDx. The application's access to the account is limited to the "scope" of the authorization granted.
The client is the application that requires access to the user's account. Before that it must be authorized by the user, and authorization must be validated by the API.
Resource Server: API
The resource server hosts the protected data.
The Authorization Server verifies the identity of the user and then issues access tokens to the application.
Application Registration - Before using OAuth with HxGN SDx, the application must be registered with the Authorization Server using Authorization Code with PKCE as the selected OAuth flow.
Client ID and Client Secret - Once HxGN SDx has been registered, the service will issue "client credentials" in the form of a client identifier and client secret.