OAuth2 v0

Overview

This API exposes Bouygues Telecom implementation of the OAUTH2 protocol.

OAuth2 (Open Authorization 2.0) is a protocol that allows users to grant limited access to their resources on one site, such as a social media platform, to another site or application, such as a mobile app or website, without giving away their login credentials. OAuth2 is a widely-used protocol for authorization, commonly used by many major tech companies, including Google, Facebook, and Twitter. The OAuth2 protocol involves the following parties:

  1. Resource Owner: The user who owns the resource that is being shared.
  2. Resource Server: The server that hosts the protected resources that the client wants to access.
  3. Client: The application or service requesting access to the protected resources.
  4. Authorization Server: The server that verifies the identity of the user and issues an access token that can be used to access the protected resources. The OAuth2 protocol works as follows:
  5. The client requests authorization from the resource owner to access their protected resources.
  6. The resource owner authenticates with the authorization server, and grants authorization to the client to access their resources.
  7. The authorization server issues an access token to the client.
  8. The client presents the access token to the resource server to gain access to the protected resources.
  9. The resource server verifies the access token and, if it is valid, allows the client to access the protected resources. OAuth2 provides a secure and standardized way for clients to access resources on behalf of users, without compromising the user's login credentials. It also allows users to revoke access to their resources at any time, providing an additional layer of security.

An OAuth 2.0 implementation typically exposes several endpoints, which are used to facilitate the authorization process. Here are the most common ones:

  1. Authorization endpoint: This endpoint is used to initiate the authorization process. It usually receives requests from the client application and redirects the user to a login page or consent screen.

  2. Token endpoint: This endpoint is used to exchange an authorization grant (which was obtained from the authorization endpoint) for an access token. The client application uses this access token to make requests to the protected resources on behalf of the user.

  3. Refresh token endpoint: This endpoint is used to obtain a new access token when the old one has expired. The client application sends a request with the refresh token to this endpoint, and if the token is valid, a new access token is issued.

  4. Introspection endpoint: This endpoint is used to check the validity and scope of an access token. The client application sends the access token to this endpoint, and if the token is valid, it receives information about the token's expiration time and the resources it can access.

  5. Revocation endpoint: This endpoint is used to revoke an access token or a refresh token. The client application sends the token to this endpoint, and if the token is valid, it is invalidated, and can no longer be used to access protected resources. These endpoints may vary slightly depending on the specific implementation and the requirements of the system, but they are the most common ones found in an OAuth 2.0 implementation.

Documentation

News

Tutorials

Getting started

Contact

Get in touch
https://developer.bouyguestelecom.fr/contact

     
        © Copyright Bouygues Telecom 2023. All rights reserved.