Date: Fri, 29 Mar 2024 08:06:59 +0000 (UTC) Message-ID: <669136921.4148.1711699619993@localhost> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_4147_795731539.1711699619992" ------=_Part_4147_795731539.1711699619992 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
BellaDati uses the OAuth protocol to ensure only authorized user= s may access the API. Nevertheless, some selected methods are public and co= uld be accessed without authorization. The description of these method= s will contain detailed information.
OAuth uses a three-step handshake to authenticate users to the system. I= f a 3rd-party client application is accessing the API on the user's behalf,= the OAuth protocol allows users to log in directly with Belladati without = having to trust the client application with their credentials.
When a client application is making a request to the BellaDati API, it n= eeds to prove that it has been authorized by a valid user. To do this, it i= ncludes the access token received during the authentication process in ever= y API request. BellaDati verifies the token's validity before returning any= data to the client application.
When writing data to the API, client applications may want to ensure the= ir API requests reach the server in the exact way they were issued, e.g. be= cause the client is running in an untrusted network environment. To prevent= tampering, the client can attach an OAuth signature to their request, allo= wing the server to verify that the content of the message hasn't been modif= ied.
Since BellaDati 2.9.18, the OAuth 2.0 protocol is supported. For more de= tails, see here .