SmartPlant Foundation uses OAuth 2 as the authorization framework that enables client applications to obtain access to data on the SmartPlant Foundation Server API. There are four key OAuth roles involved during the authorization process:
Resource Owner: User
The resource owner is the user who authorizes an application to access data in SmartPlant Foundation. The application's access to the account is limited to the "scope" of the authorization granted.
Client: Application
The client is the application that requires access to the user's account. Before it can do so, it must be authorized by the user, and that authorization must be validated by the API.
Resource Server: API
The resource server hosts the protected data.
Authorization Server
The Authorization Server verifies the identity of the user and then issues access tokens to the application.
Application Registration - Before using OAuth with SmartPlant Foundation, the application must be registered with the Authorization Server as an implicit flow.
Client ID and Client Secret - Once SmartPlant Foundation has been registered, the service will issue "client credentials" in the form of a client identifier and client secret.
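The following added example (not SmartPlant Foundation code) shows the client side of the implicit flow mentioned above: building the authorization request and validating the redirect from the Authorization Server, including the granted scope. The endpoint, client ID, redirect URI and scope name are hypothetical placeholders, since the page does not give them.

```javascript
// Hypothetical values: the page gives no endpoint, client ID or scope names.
const config = {
  authorizeEndpoint: "https://spf.example.invalid/oauth/authorize",
  clientId: "example-client-id",
  redirectUri: "https://app.example.invalid/callback",
  scope: "spf.read",
};

// Build the implicit-flow authorization request (RFC 6749, section 4.2.1).
// `state` must be an unguessable per-request value that the client stores.
function buildAuthorizationUrl(cfg, state) {
  const url = new URL(cfg.authorizeEndpoint);
  url.searchParams.set("response_type", "token");
  url.searchParams.set("client_id", cfg.clientId);
  url.searchParams.set("redirect_uri", cfg.redirectUri);
  url.searchParams.set("scope", cfg.scope);
  url.searchParams.set("state", state);
  return url.toString();
}

// Validate the redirect back from the Authorization Server. In the implicit
// flow the token arrives in the URL fragment, not the query string.
function parseImplicitResponse(redirectUrl, expectedState, cfg) {
  const url = new URL(redirectUrl);
  if (url.origin + url.pathname !== cfg.redirectUri) {
    throw new Error("unexpected redirect URI");
  }
  const params = new URLSearchParams(url.hash.slice(1));
  if (params.get("state") !== expectedState) {
    throw new Error("state mismatch: response does not belong to this request");
  }
  if (params.has("error")) {
    throw new Error("authorization failed: " + params.get("error"));
  }
  const token = params.get("access_token");
  const type = (params.get("token_type") || "").toLowerCase();
  if (!token || type !== "bearer") {
    throw new Error("missing or unsupported token");
  }
  // Scope may be omitted when identical to the request; it must never exceed it.
  const requested = new Set(cfg.scope.split(" "));
  const granted = (params.get("scope") || cfg.scope).split(" ").filter(Boolean);
  const extra = granted.filter((s) => !requested.has(s));
  if (extra.length > 0) {
    throw new Error("granted scope exceeds request: " + extra.join(" "));
  }
  return { accessToken: token, scope: granted, expiresIn: Number(params.get("expires_in")) || null };
}
```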