OAuth1 Authentication

OAuth1 is an older authorization protocol that requires signature-based request authentication. It is rarely used in modern APIs, but some legacy systems still require it.

Overview

OAuth1 authentication provides a secure way for applications to access user data without exposing user credentials. It uses a complex signature-based mechanism to secure each request.

Connector Definition

Example OAuth1 connector definition:

# Connector definition: OAuth1 authentication with signature-based requests
type: oauth1

# OAuth1 configuration: consumer credentials and endpoints
getOAuthConfig:
  type: mapping
  mapping:
    consumerKey:
      $var: connectorParameters.consumerKey
    consumerSecret:
      $var: connectorParameters.consumerSecret
    requestTokenUri: https://api.example.com/oauth/request_token
    authorizeUri: https://api.example.com/oauth/authorize
    tokenUri: https://api.example.com/oauth/access_token
    extra:
      custom_param: value

# API client configuration
makeApiClient:
  type: mapping
  mapping:
    baseUri: https://api.example.com

# Connection test
test:
  type: javascript
  code: |
    export default async function ({ apiClient }) {
      const user = await apiClient.get("/user")
      return user.id !== undefined
    }

getOAuthConfig

Returns OAuth1 configuration used to build the authorization URL and token exchange.

Supported implementation types

Configuration Parameters

Parameter	Description
`consumerKey`	The OAuth1 consumer key (from connector parameters)
`consumerSecret`	The OAuth1 consumer secret
`requestTokenUri`	The endpoint for obtaining a request token
`authorizeUri`	The endpoint where users are redirected to authenticate
`tokenUri`	The endpoint for exchanging the request token for an access token
`extra`	Additional parameters to add to the authorize request

OAuth1 Flow

The OAuth1 flow in Membrane follows these steps:

User initiates authentication
Membrane requests a temporary token using the consumer key/secret
User is redirected to the service's authorization page with this token
User authenticates and grants permissions
Service redirects back to Membrane with a verification code
Membrane exchanges this code for access tokens
The tokens are stored as connection credentials
Membrane uses these tokens to make signed API requests