Skip to main content

OAuth1 Authentication

OAuth1 is an older authorization protocol that requires signature-based request authentication. It is rarely used in modern APIs, but some legacy systems still require it.

Overview

OAuth1 authentication provides a secure way for applications to access user data without exposing user credentials. It uses a complex signature-based mechanism to secure each request.

Connector Definition

Example OAuth1 connector definition: 
# Connector definition: OAuth1 authentication with signature-based requests
type: oauth1

# OAuth1 configuration: consumer credentials and endpoints
getOAuthConfig:
  type: mapping
  mapping:
    consumerKey:
      $var: connectorParameters.consumerKey
    consumerSecret:
      $var: connectorParameters.consumerSecret
    requestTokenUri: https://api.example.com/oauth/request_token
    authorizeUri: https://api.example.com/oauth/authorize
    tokenUri: https://api.example.com/oauth/access_token
    extra:
      custom_param: value

# API client configuration
makeApiClient:
  type: mapping
  mapping:
    baseUri: https://api.example.com

# Connection test
test:
  type: javascript
  code: |
    export default async function ({ apiClient }) {
      const user = await apiClient.get("/user")
      return user.id !== undefined
    }

getOAuthConfig

Returns OAuth1 configuration used to build the authorization URL and token exchange. Supported implementation types

Configuration Parameters

ParameterDescription
consumerKeyThe OAuth1 consumer key (from connector parameters)
consumerSecretThe OAuth1 consumer secret
requestTokenUriThe endpoint for obtaining a request token
authorizeUriThe endpoint where users are redirected to authenticate
tokenUriThe endpoint for exchanging the request token for an access token
extraAdditional parameters to add to the authorize request

OAuth1 Flow

The OAuth1 flow in Membrane follows these steps:
  1. User initiates authentication
  2. Membrane requests a temporary token using the consumer key/secret
  3. User is redirected to the service’s authorization page with this token
  4. User authenticates and grants permissions
  5. Service redirects back to Membrane with a verification code
  6. Membrane exchanges this code for access tokens
  7. The tokens are stored as connection credentials
  8. Membrane uses these tokens to make signed API requests