OAuth 2.0 is an authorization protocol that gives an API client limited access to user data on a web server. GitHub, Google, and Facebook APIs notably use it. OAuth relies on authentication scenarios called flows, which allow the resource owner (user) to share the protected content from the resource server without sharing their credentials. For that purpose, an OAuth 2.0 server issues access tokens that the client applications can use to access protected resources on behalf of the resource owner.

NXTsoft utilizes Client Credentials grant type – Intended for the server-to-server authentication, this flow describes an approach when the client application acts on its own behalf rather than on behalf of any individual user. In most scenarios, this flow provides the means to allow users specify their credentials in the client application, so it can access the resources under the client’s control.






authorizationUrl Relative to the API server URL The authorization URL to use for this flow. Can be relative to the API server URL.
tokenUrl Relative to the API server URL The token URL to use for this flow. Can be relative to the API server URL.
scopes Scopes for the OAuth2 security scheme The available scopes for the OAuth2 security scheme. A map between the scope name and a short description for it.