The LivingOS

Authentication & Authorization

All APIs on The LivingOS Open API Platform are secured using OAuth 2.0 standards. Depending on the API category, either the Client Credentials (2-Legged) or Authorization Code Grant (3-Legged) flow is used.

OAuth 2.0 Overview

OAuth 2.0 is an industry-standard protocol for authorization. It allows applications to obtain limited access to user accounts on an HTTP service.

Grant Types

1. Client Credentials Grant

  • Used for server-to-server authentication, outside the context of a user.
  • Suitable for accessing resources owned by the client itself.
  • Example use case: backend services communicating securely.

2. Authorization Code Grant

  • Used when an application needs to access resources on behalf of a user.
  • The user authenticates and authorizes the application to access their data.
  • Example use case: web or mobile apps acting on behalf of users.

How to Authenticate

  1. Register your application on the developer portal to obtain your client credentials.
  2. Choose the appropriate grant type based on your use case.
  3. Follow the OAuth 2.0 flow to obtain an access token.
  4. Include the access token in the Authorization header when making API requests.
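
Steps 3 and 4 for the Client Credentials grant, as an added example that is not taken from The LivingOS documentation: it builds the token request defined in RFC 6749 section 4.4, validates the token response, and produces the Authorization header while refusing tokens that are at or near expiry. The token URL, client ID, secret and sample response are constructed placeholders, and the Bearer header scheme (RFC 6750) is an assumption; the real values come from the developer portal.

```python
import base64, json, time
from urllib.parse import urlencode, quote_plus
from urllib.request import Request

# Assumed placeholder; the real token endpoint comes from the developer portal.
TOKEN_URL = "https://auth.example.invalid/oauth2/token"
# Constructed sample of a successful token response (not real platform output).
SAMPLE_RESPONSE = '{"access_token":"constructed-token-123","token_type":"Bearer","expires_in":3600}'

def build_token_request(client_id, client_secret, scope=None):
    """Build (but do not send) a Client Credentials token request."""
    form = {"grant_type": "client_credentials"}
    if scope:
        form["scope"] = scope
    # HTTP Basic client authentication keeps the secret out of the URL and body.
    # RFC 6749 section 2.3.1: form-encode each part before base64 encoding.
    creds = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    basic = base64.b64encode(creds.encode()).decode()
    return Request(TOKEN_URL, data=urlencode(form).encode(), method="POST",
                   headers={"Authorization": f"Basic {basic}",
                            "Content-Type": "application/x-www-form-urlencoded"})

def parse_token_response(body, now=None):
    """Validate the token endpoint's JSON and compute an absolute expiry time."""
    tok = json.loads(body)
    if "error" in tok:
        raise ValueError(f"token endpoint error: {tok['error']}")
    if str(tok.get("token_type", "")).lower() != "bearer" or not tok.get("access_token"):
        raise ValueError("unexpected token response")
    now = time.time() if now is None else now
    return {"access_token": tok["access_token"],
            "expires_at": now + int(tok.get("expires_in", 0))}

def auth_header(token, now=None, skew=30):
    """Header for an API call; reject tokens within `skew` seconds of expiry."""
    now = time.time() if now is None else now
    if now >= token["expires_at"] - skew:
        raise RuntimeError("access token expired; request a new one")
    return {"Authorization": f"Bearer {token['access_token']}"}

if __name__ == "__main__":
    req = build_token_request("my-client", "constructed-secret")
    print(req.get_method(), req.full_url, req.data.decode())
    token = parse_token_response(SAMPLE_RESPONSE)
    print(auth_header(token))
```

Keep the client secret and the returned access token out of logs and source control, and send the request only over TLS.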

For detailed steps and code samples, see the Authentication Guide.

