Cytomic Orion and OAuth Authentication

OAuth (Open Authorization) is an open, widely used industry standard that allows delegated access to protected resources. The main scenario for which OAuth was designed is that of a user who needs to grant permission to websites or third-party applications to access protected information without exposing the user’s login credentials. OAuth, therefore, provides secure delegated access to an owner’s resources on behalf on the owner, and specifies the processes required for the owner to authorize third-party access without sharing the owner’s credentials.

Designed specifically to work with Hypertext Transfer Protocol (HTTP), OAuth essentially allows access tokens to be issued to third-party programs by an authorization server, with the approval of the resource owner..

Cytomic Orion uses the OAuth standard to authenticate and authorize requests from applications that access its APIs.