The StatPro Revolution Web API uses the OAuth 2.0 Authorization Framework for user authentication and authorization.
OAuth 2.0 significantly improves upon older authentication methods such as HTTP Basic Authentication and HTTP Digest Authentication in that:-
OAuth 2.0 improves upon OAuth 1.0 in that the use of Bearer Access Tokens and the mandated use of HTTPS endpoints means that the complexities of cryptographic signatures (required by OAuth 1.0) are removed. OAuth 2.0 is rapidly becoming the de facto way of providing authentication and authorization for secure Web APIs.
There can be no doubt that the use of OAuth2 adds significant conceptual overhead over and above (say) HTTP Basic Authentication, where all an app needed to specify was the following request header:-
Authorization: Basic base64(username:password)
The good news is that:-
The following Topics pages should be read in the following order, to gain a full understanding of OAuth 2.0 authorization for the Revolution Web API.
Last updated: March 2019