Oauth Request is a http contract operation for user linking.
It links the Provider user to MoneyMade Connect OAuth API.
As a best practice the OAuth Request is typically handled by backend and frontend side.
This algorithm contains the following steps:
Once user logs in to account, Provider frontend reads signature and payload from query string params on Provider OAuth Url, Provider frontend sends it to Provider backend.
Frontend uses redirect url. It's redirect to MoneyMade OAuth API backend which finishes the operation.
MoneyMade OAuth API backend closes Connect Widget.
It's a url to Provider web page which handles OAuth Request.
It's typically login form which logs in the Provider user.
MoneyMade Connect OAuth API sets the oauth-signature and payload query string params.
For example, Provider OAuth url 'https://provider.com/oauth/moneymade' will look like:
The way how to open oauth url. It may be 'popup' or 'iframe'.
It should be chosen depends on technical and security conditions.
Query string parameter "payload" which is received from Provider OAuth Url.
It contains external userId which is linked by OAuth Request.