OAuth enhancements

Brief introduction to the topic that appears on overview pages and in link previews.

Geneva

  • OAuth third-party provider application registries now use profiles and scopes:
    • The OAuth profile specifies the grant type (authorization code flow or password flow) and the scope. See Specify an OAuth profile for more information.
    • OAuth scopes specify the level of access to a restricted resource. Typically access is write or read. See Specify an OAuth scope for more information.
  • The getToken method in GlideOAuthClient allows you to retrieve the access token, refresh token, and expiration date and time for the access token.
  • OAuth supports the authorization code flow grant type, which you can specify in an OAuth profile. This feature allows a user to access a resource by authenticating directly with a third-party OAuth server that trusts the resource, instead of authenticating with username + password credentials.
  • OAuth supports application scoping by providing access by providing access to all OAuth methods using the sn_auth prefix. See Scoped OAuth APIs.
  • A new method, requestTokenByRequest, is available for the GlideOAuthClient class.