Confluence 3.5 : Configuring OAuth
This page last changed on Mar 03, 2011 by alui.
About OAuthUsing OAuth, you can access data within a Confluence installation externally, via a Confluence gadget published on a JIRA site's dashboard, another Confluence site's page, or a website like iGoogle. While some data in Confluence may be accessible anonymously on the external application, other data may be restricted to a specific user account within the Confluence installation. OAuth provides the facility to access this restricted data. The key security advantage of OAuth is that Confluence's user-restricted resources can be shared without Confluence having to hand out user authentication details. Instead, access to these private resources is handled via an 'access token'. Access tokens define what Confluence resources (which are typically based on access privileges) can be accessed by another application and the duration of this access. However, access tokens are dissociated from a user's authentication details, since authentication to gain access to these resources is handled separately.
For more information about OAuth, please refer to the OAuth protocol workflow section of our Gadgets and Dashboards documentation. It is important to understand this workflow first before establishing OAuth relationships between your Confluence installation and other external web applications (either Atlassian or non-Atlassian ones).
Configuring OAuth Authentication for an Application LinkApplication links are used to enable trust relationships between two applications. Linking two applications allows you to share information and access one application's functions from within the other. You can configure an application link to use OAuth as the authentication mechanism. For instructions, see Configuring OAuth Authentication for an Application Link. NotesRelated TopicsAdministering Application Links |
![]() |
Document generated by Confluence on Mar 16, 2011 18:35 |