The Nxsys API uses OAuth 2.0 as its authentication mechanism.
Why OAuth 2.0?#
OAuth 2.0 is a widely adopted authorization framework that enables third-party applications to gain limited access to user accounts on an HTTP service—without requiring the user to share their credentials.
It works by:Delegating user authentication to the service hosting the account
Authorizing third-party applications to access specific user data securely
OAuth 2.0 Authorization Flows#
There are four primary OAuth 2.0 flows, depending on the use case (e.g., web apps, mobile apps, machine-to-machine):Typical Steps in the Flow:#
1.
Register a client application
2.
Obtain a Client ID and Client Secret
3.
Redirect the user to obtain an authorization code
4.
Exchange the authorization code for an access token
5.
Refresh the access token when it expires
What You Need to Prepare#
To integrate with the Nxsys API via OAuth 2.0, you’ll need to prepare the following:Redirect URL (Callback URL)#
The redirect URL is a key component of the OAuth flow. It’s the endpoint in your application where users are redirected after they authenticate with Nxsys.To configure this properly:Use a secure (HTTPS) URL within your application
Ensure the endpoint is capable of handling the OAuth response (e.g., parsing the authorization code)
Register this URL with Nxsys when setting up your client application
https://{{your domain}}/oauth/callbackImportant: Always use HTTPS for your redirect URL to ensure secure communication and protect against interception attacks.
