OAuth
Here's how OAuth works:
- The application gets a one-time RequestToken which is used to retrieve the results of user authorization.
- UserAgent redirection allows credential and authorization decisions to be entered entirely within Veriplace's security domain.
- Since Veriplace controls the UI for authorization decisions, these can be as simple as yes-no approval or more nuanced, giving control over time of day or other usage.
- The retrieved AccessToken corresponds to the user's authorization decisions. The application stores it to subsequently access secure resources, such as location.