Skip to main content

OAuth1 Authentication

OAuth1 is an older authorization protocol that requires signature-based request authentication. It is rarely used in modern APIs, but some legacy systems still require it.

Overview

OAuth1 authentication provides a secure way for applications to access user data without exposing user credentials. It uses a complex signature-based mechanism to secure each request.

Connector Definition

Example OAuth1 connector definition:

getOAuthConfig

Returns OAuth1 configuration used to build the authorization URL and token exchange. Supported implementation types

Configuration Parameters

OAuth1 Flow

The OAuth1 flow in Membrane follows these steps:
  1. User initiates authentication
  2. Membrane requests a temporary token using the consumer key/secret
  3. User is redirected to the service’s authorization page with this token
  4. User authenticates and grants permissions
  5. Service redirects back to Membrane with a verification code
  6. Membrane exchanges this code for access tokens
  7. The tokens are stored as connection credentials
  8. Membrane uses these tokens to make signed API requests