Authentication Workflow
Here’s how the process typically works.
- User presses a “Connect to WHASOLS” button inside your app.
- Your app redirects the user directly to the WHASOLS installation.
- While logging into the WHASOLS users authorizes your app to access their WHASOLS account using the permissions your app has requested.
- Users’ll be redirected back to your app with an authorization code after the user approves your app.
- This authorization code can be used by your app to make a request then for a re-usable access token which can be used to make subsequent requests to the WHASOLS API. This takes place only in the background and should not be visible to end users.
A valid API Client Credential Identifier and Secret are required for all OAuth requests to be made place. Credentials for OpenID connect can be created via the OpenID Connect admin interface. For Single Sign-On credentials, we recommend using the Provisioning Module API for Application Links. Alternatively, OAuth Client Credentials can be provision and manage via the WHASOLS API.