OAuth 2.0 Authorization Support
Use OAuth 2.0 authorization for improved security and more control over credential permissions.
OAuth 2.0 is an authorization framework you can use to provide secure, limited access to the Airship API. Instead of providing a single string like with Basic Auth or Bearer Token authorization, you regularly fetch short-lived bearer tokens to use in your API calls.
This method provides better security than Basic Auth and Bearer Token authorization because, if a token becomes public, it can be used only for a short time before it expires. Another benefit is control of permissions. Instead of granting broad access to the API, you select one or more scopes that define which endpoints and operations are authorized for the tokens, and you can edit them at any time.
Workflow
Getting an OAuth 2.0 token is a two-step process. Put simply, first you create client credentials in your Airship project settings, then you use the credentials to request tokens to use in your API calls.
Need more details? Here you go:
- Create client credentials in your Airship project settings and specify the scope of permissions to authorize for issued tokens. You can also specify an expiration date and time for the credentials or revoke them later.
- Request a token using the credentials. In your request, you can restrict a token to specific permission scopes and/or IP addresses. We built the new OAuth API for requesting tokens and verifying keys.
- Refresh the token before it expires. Keep refreshing until it is no longer needed, or revoke the credentials in the dashboard if you want to disallow further token requests.
An additional important detail about OAuth 2.0 authorization is that you must use different base URLs than for Basic Auth and Bearer Token authorization.
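The request-and-refresh steps above, as an added example (not Airship's code): a cache that reuses a token until shortly before it expires and rejects a response granting scopes that were not requested. The fetch hook, scope names and token values are constructed; the response fields are the standard OAuth 2.0 ones from RFC 6749, assumed here rather than taken from the Airship API reference.

```python
import time


class TokenCache:
    """Caches a short-lived bearer token and refreshes it before expiry."""

    def __init__(self, fetch, scopes, margin=60.0, clock=time.monotonic):
        self._fetch = fetch          # hypothetical hook that performs the token request
        self._scopes = set(scopes)   # least-privilege scopes this job needs
        self._margin = margin        # refresh this many seconds before expiry
        self._clock = clock
        self._token = None
        self._expires_at = 0.0

    def get(self):
        """Return a usable token, requesting a new one only when needed."""
        if self._token is None or self._clock() >= self._expires_at - self._margin:
            self._refresh()
        return self._token

    def _refresh(self):
        resp = self._fetch(self._scopes)
        # Standard token response fields (RFC 6749, section 5.1).
        if str(resp.get("token_type", "")).lower() != "bearer":
            raise ValueError("unexpected token_type")
        lifetime = float(resp.get("expires_in", 0))
        if lifetime <= 0:
            raise ValueError("token has no usable lifetime")
        # An omitted scope field means the granted scope equals the requested one.
        granted = set(str(resp.get("scope", "")).split()) or self._scopes
        if not granted <= self._scopes:
            raise ValueError("token grants scopes that were not requested")
        self._token = resp["access_token"]
        self._expires_at = self._clock() + lifetime


def make_fake_fetch(lifetime=3600):
    """Constructed stand-in for the token endpoint (no network access)."""
    calls = []

    def fetch(scopes):
        calls.append(set(scopes))
        return {"access_token": f"constructed-token-{len(calls)}",
                "token_type": "Bearer", "expires_in": lifetime,
                "scope": " ".join(sorted(scopes))}

    return fetch, calls
```

In real use, the fetch hook would send the client-credentials request over HTTPS to the OAuth base URL listed in the API reference.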
Documentation
Go to Airship API Security to learn about OAuth 2.0 and client credentials. In the API reference, see:
- Base URLs for OAuth authentication in the Base URLs section
- HTTP Authentication: Basic Auth (OAuth) in the Authentication section
- OAuth Authentication: OAuth 2.0 in the Authentication section
- OAuth API