cancel
Showing results for 
Search instead for 
Did you mean: 

What is the intended flow for OAuth Authentication with the API ?

What is the intended flow for OAuth Authentication with the API ?

paul_heng
New Contributor

Hey,

 

I'd like to develop a web app using the API but I don't really understand what is the intended way to use the OAuth authentication. There are no CORS headers so I need to use a backend application, but if I understand correctly, the user must send it's credentials (ID, secret, and token) so there is a risk that the backend app can intercept it.

What are the advantages of using OAuth compared to getting a token from the HM directly since you have to send them to a backend app anyway ?

 

Thanks in advance

2 REPLIES 2

paul_heng
New Contributor

Thanks for you answer !

samantha_lynn
Esteemed Contributor III

Entering the token in to HiveManager will allow you to use OAuth (we aren't 100% OAuth compliant, but we can work with OAuth), which is more secure than just getting a token from HiveManager. You'd want to click on the silhouette icon in the top right hand corner of the HiveManager> Global Settings> API Token Management (left hand side menu)> Enter the token your API uses.

GTM-P2G8KFN