The WSC OAuth-Provider allows your WSC installation to be an OAuth-Provider. Therefore other applications supporting OAuth can use your WSC installation for authentication of the users.
There are two group permissions:
|Can use OAuth||User||Allows an user to authorize applications|
|Can manage OAuth-Clients||Admin||Can manage OAuth-Clients|
Configuration > Security > OAuth-Provider:
- Send Emails to the user if client is authorized for the first time - user get’s an email with information about his authorization. You should enable this option e.g. when using password grant type.
Please use only encrypted connections (SSL/TLS) for accessing the OAuth-Endpoints, as personal information (e.g. email address) is transfered or can be accessed.
POST for transfering parameters wherever possible.