Overview
The Passport APIs are secured by generated App credentials and tokens, which are:
Scoped to a single App acting on behalf of a single Organization
Revoked immediately by deleting the App
The Passport API uses OAuth 2.0 for member (user) authorization and API authentication. Applications must be authorized and authenticated before they can fetch data from Passport or get access to Passport member data.
Depending on the type of permissions your integration will require, follow one of the two authorization flows below in Permission Types to get started.
There are several third-party libraries in the open source community that abstract the OAuth 2.0 authentication process in every major programming language.
Use the to create a new App profile, or delete/revoke an existing App. Navigate to "Applications", then click "+ New Application"
Permissions are authorization consents to access Passport resources. The Passport platform uses permissions to protect and prevent abuse of member data. Your application must have the appropriate permissions before it can access data.
Member Authorization or Authorization Code Flow (3-legged authorization): A Passport member grants permissions to your application to access the member’s resources on Passport. Your application has no access to these resources without member approval. Use this flow if you are requesting access to a member's account to use their data and make requests on their behalf. This is the most commonly used permission type across Passport APIs. Open permissions available to all applications are of this type. These include identity.basic, identity.profile, and identity.email.
Application Authorization or Client Credential Flow (2-legged authorization): Passport grants permissions to your application to access protected Passport resources. If you are accessing APIs that are not member specific, use this flow. Not all APIs support Application Authorization.
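The two flows above differ in what the application sends and what it must verify. The following is an added example, not code from the Passport documentation: it builds the member authorization request with the open permissions named above, checks the callback's state value before accepting the authorization code, and shows the token request body for each flow. The endpoint URL, client ID, and redirect URI are placeholder assumptions, and the parameter names are the standard OAuth 2.0 ones from RFC 6749.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Assumed placeholders, not values from the Passport documentation.
AUTHORIZE_URL = "https://passport.example/oauth/authorize"
CLIENT_ID = "example-app-id"
REDIRECT_URI = "https://app.example/callback"
OPEN_SCOPES = ("identity.basic", "identity.profile", "identity.email")


def build_authorization_request(scopes=OPEN_SCOPES):
    """3-legged flow, step 1: URL to send the member to, plus the state to keep in their session."""
    state = secrets.token_urlsafe(32)  # unguessable; ties the callback to this browser session
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": " ".join(scopes),
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def code_from_callback(callback_url, expected_state):
    """3-legged flow, step 2: accept the authorization code only if state matches the session."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise PermissionError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise PermissionError("state mismatch: callback is not tied to this session")
    code = params.get("code")
    if not code:
        raise PermissionError("callback carries no authorization code")
    return code[0]


def token_request_body(code=None):
    """Token endpoint form body: member flow when a code is given, application flow otherwise.

    In both cases the App credentials authenticate the request (for example via
    HTTP Basic) and stay on the server; they are never placed in the browser URL.
    """
    if code is not None:
        return {"grant_type": "authorization_code", "code": code,
                "redirect_uri": REDIRECT_URI}
    return {"grant_type": "client_credentials"}
```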