Freshworks Developer Platform supports OAuth 2.0 to authenticate third-party applications that provide authorization in the Freshworks Marketplace apps. The OAuth 2.0 framework compliance is required for the third parties to integrate from the platform’s offering.
What's OAuth anyway?
OAuth (short for "Open Authorization") is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords. This mechanism is used by many companies on the internet for their application.
OAuth handshake mechanism
OAuth handshake is completely taken care by the Freshworks Developer Platform. The app provides the OAuth credentials such as client_id and client_secret in the app. The developer platform makes the authorization request and token request with the OAuth credentials to the third-party resource owner. The third-party resource owner verifies the request with the provided OAuth credentials and returns the access token and refresh token. These tokens are stored in the platform and used to make API requests from the app.
As an app developer, you will have to care about only providing the OAuth credentials and the URLs to make authorization and token requests to the configured third-party resource owner.
Let's build an app with the OAuth credentials to see how it works in action.