The Authorization Code grant of OAuth2 provides the means to authenticate all requests to the OpenTicket system. This grant gives users of OpenTicket the ability to give applications access to their resources and ensures no user credentials are shared during this process. At a high level, this process has the following steps:
- The application that needs access to the OpenTicket resources redirects the user to the OpenTicket OAuth2 server.
- The user is presented with an authorization prompt from the OpenTicket OAuth2 server, and approves the request of the application to access their resources.
- The user is redirected back to the application and provided with an authorization code.
- The application uses the authorization code to request an access token.
- The access token is used to make requests to the OpenTicket, also see issuing requests.
In this part of the documentation, these steps are elaborated upon.
The system that accesses the OpenTicket system must be able to store issued access tokens safely.