Let us take an example to show you how to implement OAuth as a Consumer:

• REGISTER YOUR APP

  Create an App in any OAuth Provider like Facebook, Twitter etc. After registering your application, you will receive a Consumer Key which identifies you to OAuth Provider.You will also receive a Consumer Secret that will be required when asking for an Request Token. Save the Consumer Key and Secret so that you can use it into your code as required.

• GET A REQUEST TOKEN

  The miniOrange Authentication Service requests a Request Token.The Request Token is a temporary token used to initiate User authorization for your application. The Request Token tells OAuth Provider that you've obtained User approval, but must be exchanged, along with the OAuth Verifier, for an Access Token.

• GET USER PERMISSION TO ACCESS DATA

  After getting the Request Token from OAuth Provider, miniOrange Authentication Service presents to your Users an authorization page asking them to give permission to our application to access their data.The authorization page will only ask for permission to a limited amount of User data, based on the access scopes you specified during the initial registration process.

• EXCHANGE THE REQUEST TOKEN AND OAUTH VERIFIER FOR AN ACCESS TOKEN

  After the users authorize miniOrange Authentication Service access to their information,our application needs to exchange the approved Request Token for an Access Token, which tells OAuth Provider that miniOrange Authentication Service has been given authorization to access User data.

• AUTHENTICATE THE USER

  After obtaining user information from the Access Token, it queries miniOrange Authentication Service enduser database. If the user already exists in database, it redirects to user Self Service Console. If the user does not exist in enduser database, it redirects back to Login Page.