In this sub-module, the person who has the Super Administrator account will be able to create the keys for the access and use of APIs information. That is to say, from this option the API Key and API Secret of the base contracted in Fracttal can be obtained.
OAuth Consumers: OAuth Consumers are a feature used in FRACTTAL API that is based on the OAuth 2.0 authentication protocol. This protocol provides a secure and widely recognized form of authentication and authorization in web and mobile applications.
OAuth Consumers are used to allow third-party applications to obtain authorization and access protected resources in the system. This is especially useful when we want to integrate external services or applications that require access to certain data or functions from our users into FRACTTAL.
Authorization Code: This type of authorization is used when the application needs to access protected resources on behalf of a specific user. When an application with Authorization Code attempts to access protected resources, it redirects the user to an authorization page in FRACTTAL API. Here, the user must authenticate and give consent to allow the application to access their resources. Once the user has given consent, the application receives an "authorization code" which is then exchanged for an "access token". This access token allows the application to make requests on behalf of the user without requiring the user to authenticate on each request.
Client Credentials: This type of authorization is best suited for applications or services that need to access resources without direct user intervention. When configuring an OAuth Consumer with Client Credentials, access keys (key and secret) are generated for the application. These keys allow the application to obtain an "access token" without requiring user authentication on each request. This is useful for cases where the application needs to perform actions or access information in the system in an automated way, such as in background tasks or periodic processes.
Application authorization: This is essential to ensure users' security and privacy, as it allows them to have control over the data and resources that the third-party application can access on their behalf. In addition, these authorizations can be revoked at any time, providing users with an additional level of control and protection over their data.