OAuth 2 is an open authentication and authorization framework that orchestrates secure access to resources over HTTP. It delegates user authentication to the service that hosts the user account and grants authorization to specific third-party applications to access that account.

In the context of OAuth, the following terms are used as defined:

• Resource.Information or functionality available through a RESTful API.

• Client.The application requesting access on behalf of a user's account. Before it can get access, it must first be authorized by the user, and then the authorization must be validated by the API.

• Resource owner.The user who authorizes an application to access their account.

• Authorization server.Verifies the identity of the user, then issues access tokens to the application.

• Resource server.Hosts the APIs and the protected user accounts.

You can find illustrations that show how OAuth works from different points of view. Here is a protocol flow illustration that may help NorthStar users who have no prior experience provisioning OAuth:

The NorthStar REST interface is the Authorization Server and Resource Server in the above illustration. The NorthStar Controller's administrator web interface is available for managing NorthStar users.

Gets an authentication token that permits access to the NorthStar REST API. The token can be used in HTTP headers for subsequent RESTful requests for a period of time that you can set.

 {"grant_type":"password","username":"admin","password":"myNewAdminPassword"} 

{ "access_token": "zRApShiOxoCcBiFGPRhISKAbaUACWQBRqMPmaq40/NU=","token_type": "Bearer"}