OAuth 2.0 Authorization Protocol
Authorization to Grubtech Endpoints
GrubTech uses OAuth 2.0, an authorization protocol, for its public APIs.
What is OAuth 2.0?
OAuth 2.0 (“Open Authorization”) is a standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user. As an authorization protocol, OAuth 2.0 enables applications to obtain limited access to an HTTP service. It is designed primarily as a means of granting access to a set of resources, for example, remote APIs or user data.
Using OAuth 2.0
To use OAuth 2.0, the Client must acquire its own credentials, a client id and client secret, from the Authorization Server in order to identify and authenticate itself when requesting an Access Token.
Using OAuth 2.0, access requests are initiated by the Client, e.g., a mobile app, website, desktop application, etc. The token request, exchange, and response follow this flow.
OAuth 2.0 Roles
Roles are a part of the core specification of the OAuth 2.0 authorization framework:
- Resource Owner: The system that owns the protected resources and can grant access to them.
- Client: The client is the system that requires access to the protected resources. To access resources, the Client must hold the appropriate Access Token.
- Authorization Server: This server receives requests from the Client for Access Tokens and issues them upon successful authentication and consent by the Resource Owner. The authorization server exposes two endpoints: the Authorization endpoint, which handles the interactive authentication and consent of the user, and the Token endpoint, which is involved in a machine-to-machine interaction.
- Resource Server: A server that protects the user’s resources and receives access requests from the Client. It accepts and validates an Access Token from the Client and returns the appropriate resources to it.
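The following is an added example, not GrubTech's code or a description of their API, that models the token request flow above and the four roles in one process: a Client holding a constructed client id and secret, an Authorization Server exposing a Token endpoint, and a Resource Server that accepts only a valid, unexpired Bearer token. The client id, secret, scope name, resource paths and the in-process introspection call the Resource Server uses to check a token are all assumptions for illustration; against a real Authorization Server the Client would send the same parameters over HTTPS.

```python
import hmac
import secrets
import time
from dataclasses import dataclass, field

# Constructed credentials for the example. Real credentials are issued by the
# Authorization Server and must never be hard-coded in a shipped client.
REGISTERED_CLIENTS = {"demo-client-id": "demo-client-secret"}
TOKEN_TTL_SECONDS = 3600


@dataclass
class AuthorizationServer:
    """Stand-in for the Token endpoint (machine-to-machine, no user consent step)."""
    clients: dict
    ttl: int = TOKEN_TTL_SECONDS
    issued: dict = field(default_factory=dict)  # token -> (client_id, expiry, scope)

    def token_endpoint(self, grant_type, client_id, client_secret, scope="orders:read", now=None):
        now = time.time() if now is None else now
        if grant_type != "client_credentials":
            return {"error": "unsupported_grant_type"}
        expected = self.clients.get(client_id)
        # Constant-time comparison so a wrong secret does not leak timing information.
        if expected is None or not hmac.compare_digest(expected, client_secret):
            return {"error": "invalid_client"}
        token = secrets.token_urlsafe(32)  # opaque, unguessable bearer token
        self.issued[token] = (client_id, now + self.ttl, scope)
        return {"access_token": token, "token_type": "Bearer", "expires_in": self.ttl, "scope": scope}

    def introspect(self, token, now=None):
        """Assumed in-process token check; real deployments use introspection or signed tokens."""
        now = time.time() if now is None else now
        entry = self.issued.get(token)
        if entry is None or now >= entry[1]:
            return {"active": False}
        return {"active": True, "client_id": entry[0], "scope": entry[2], "exp": entry[1]}


@dataclass
class ResourceServer:
    """Protects the resources; validates the Access Token before returning anything."""
    auth_server: AuthorizationServer
    resources: dict

    def get(self, path, authorization_header, now=None):
        if not authorization_header or not authorization_header.startswith("Bearer "):
            return 401, {"error": "missing_token"}
        token = authorization_header[len("Bearer "):]
        info = self.auth_server.introspect(token, now=now)
        if not info["active"]:
            return 401, {"error": "invalid_token"}
        if "orders:read" not in info["scope"].split():
            return 403, {"error": "insufficient_scope"}
        return 200, self.resources.get(path, {})


@dataclass
class Client:
    """The system that needs access; caches its token and refreshes it before expiry."""
    auth_server: AuthorizationServer
    client_id: str
    client_secret: str
    _token: str = None
    _expires_at: float = 0.0

    def access_token(self, now=None):
        now = time.time() if now is None else now
        # Refresh when no token is cached or it is within 60 s of expiry.
        if self._token is None or now >= self._expires_at - 60:
            resp = self.auth_server.token_endpoint(
                "client_credentials", self.client_id, self.client_secret, now=now)
            if "error" in resp:
                raise PermissionError(resp["error"])
            self._token = resp["access_token"]
            self._expires_at = now + resp["expires_in"]
        return self._token

    def fetch(self, resource_server, path, now=None):
        return resource_server.get(path, "Bearer " + self.access_token(now=now), now=now)


if __name__ == "__main__":
    auth = AuthorizationServer(REGISTERED_CLIENTS)
    orders = ResourceServer(auth, {"/orders": {"orders": [101, 102]}})
    client = Client(auth, "demo-client-id", "demo-client-secret")
    print(client.fetch(orders, "/orders"))          # (200, {'orders': [101, 102]})
    print(orders.get("/orders", "Bearer bogus"))    # (401, {'error': 'invalid_token'})
```

The `now` parameter exists so expiry can be exercised deterministically; the Resource Server never trusts the Client's claim of who it is, only the token the Authorization Server issued, and the Client re-requests a token rather than presenting an expired one.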