Implementing OAuth 2.0 with Zoomdata
Zoomdata supports the OAuth 2.0 protocol's implicit workflow for user authentication and authorization.
A client is a third-party application that is attempting to access the user's account. It needs to get permission from the resource owner before it can do so.
A resource server is the Zoomdata server used to access the user's information.
An access token is a token created by a resource server and returned to an authorized client, identifying that client in future requested transactions.
A transaction is an attempt by a client to create, read, update, or delete Zoomdata resources or to use Zoomdata functionality in a third-party application.
In Zoomdata's implementation, only a Zoomdata server's supervisor can create a client to access that particular server. After a Zoomdata server's supervisor has created one or more clients, developers can use those clients to request access tokens from the Zoomdata server. At this point, the Zoomdata server will request the user grant access to the application. When the user grants access, the server supplies an access token to the client application. Once those access tokens are granted, the client application can use those access tokens to request Zoomdata transactions, getting data and using functionality, in their own applications.
The following high-level steps will guide you in this workflow.
- If you are working with Zoomdata 2.3 or later, you must first enable OAuth .
- Register an OAuth Client .
- Request an Access Token .
- Request a Transaction .
With the preceding high-level steps, developers can add to their applications the ability to use Zoomdata data and functionality in their own application, restricting authorization to the level and permissions of the user logged in.