OAuth 1.0

OAuth 1.0 is a token-based authentication method supported for HTTP Connectors. It provides an application with an access token for request authentication.

This methos uses HMAC-SHA signature strings. These strings hash the algorithms used to generate the signature for the request.

Components

• User - person who wants to get access
• Consumer - application or website that uses OAuth to access the Service Provider (Tulip)
• Service Provider - web application that allows access via OAuth (Netsuite)
• Protected Resource - data the user wants to access

Tokens

OAuth 1.0 uses a request token and access token.

• Request Token - a token containing Consumer Key and Consumer Secret used to ask the service for authorization
• Access Token - a token used to access the resource

Additionally, long-lived tokens, typically valid for a year or more