OAuth Request is an HTTP contract operation for user linking.
It links the Provider user to the MoneyMade Connect OAuth API.

As a best practice, the OAuth Request is typically handled on both the backend and the frontend side.

The flow consists of the following steps:

  1. The widget opens the Provider OAuth URL according to the Provider OAuth Strategy.

  2. Once the user logs in to their account, the Provider frontend reads the signature and payload from the query string params of the Provider OAuth URL and sends them to the Provider backend.

  3. The Provider backend validates the signature and handles user linking.
    Once that is done, the Provider backend makes the Finish OAuth request.
    Then the Provider backend sends the redirect URL to the frontend.

  4. The frontend follows the redirect URL. It redirects to the MoneyMade OAuth API backend, which finishes the operation.

  5. The MoneyMade OAuth API backend closes the Connect Widget.

Provider OAuth URL

It's the URL of the Provider web page that handles the OAuth Request.
It's typically a login form that logs in the Provider user.
MoneyMade Connect OAuth API sets the "signature" and "payload" query string params.
For example, the Provider OAuth URL 'https://provider.com/oauth/moneymade' will look like:

https://provider.com/oauth/moneymade?signature=1234&payload=da9d123

Provider OAuth Strategy

The way the OAuth URL is opened. It may be 'popup' or 'iframe'.
It should be chosen depending on technical and security conditions.

OAuth Payload

The query string parameter "payload" received on the Provider OAuth URL.
It contains the external userId that is linked by the OAuth Request.

OAuth Signature

The query string parameter "signature" received on the Provider OAuth URL.
This signature is used to validate the OAuth Payload.
See security signature generation for more info.
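
The backend check in step 3, as an added example that is not MoneyMade's or this page's own code. The page does not define the signature or payload format, so the hex HMAC-SHA256 signature over the raw payload string, the base64url JSON payload, the shared secret and all function names used here are assumptions; take the real scheme from the security signature generation documentation.

```python
import base64
import hashlib
import hmac
import json
from urllib.parse import parse_qs, urlencode, urlsplit

SECRET = b"constructed-demo-secret"  # assumption: shared secret, constructed value


class OAuthRequestError(ValueError):
    """The OAuth Request parameters must not be trusted."""


def sign(payload: str, secret: bytes = SECRET) -> str:
    # Assumed scheme (not from the page): hex HMAC-SHA256 over the raw payload.
    return hmac.new(secret, payload.encode(), hashlib.sha256).hexdigest()


def make_sample_url(user_id: str) -> str:
    # Constructed stand-in for the URL the widget opens; payload encoding is assumed.
    payload = base64.urlsafe_b64encode(json.dumps({"userId": user_id}).encode()).decode()
    query = urlencode({"signature": sign(payload), "payload": payload})
    return "https://provider.com/oauth/moneymade?" + query


def single(params: dict, name: str) -> str:
    # Exactly one non-empty value: a repeated parameter is ambiguous, so reject it.
    values = params.get(name, [])
    if len(values) != 1 or not values[0]:
        raise OAuthRequestError(f"expected exactly one '{name}' parameter")
    return values[0]


def verify_oauth_request(oauth_url: str, secret: bytes = SECRET) -> dict:
    """Return the decoded payload only after the signature has verified."""
    params = parse_qs(urlsplit(oauth_url).query, keep_blank_values=True)
    payload, signature = single(params, "payload"), single(params, "signature")
    # Constant-time comparison, done before the payload is decoded or used.
    if not hmac.compare_digest(sign(payload, secret).encode(), signature.encode()):
        raise OAuthRequestError("signature mismatch")
    try:
        data = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        raise OAuthRequestError("payload is not base64url JSON") from exc
    if not isinstance(data, dict) or not isinstance(data.get("userId"), str):
        raise OAuthRequestError("payload carries no userId")
    return data
```

The userId is used for linking only when verify_oauth_request returns; any OAuthRequestError means the Provider backend stops before the Finish OAuth request.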