Authenticating using OAuth

OAuth is an open standard for authorization. Grid supports OAuth 1.0a 0-legged token authentication. The client and the server parts share a pre-configured set of keys called Consumer Credentials. The keys consist of an Identifier (Consumer Key) and a message signing key (secret key/shared secret) used to sign the calls.

The default setting is to permit token authentication on the host routers and not support it on additional routers. See Token Authentication for information about enabling token authentication.

We recommend that you change the consumer credentials at least yearly. More frequent changes are preferred. Grid will notify when the keys are more than 11 months old, recommending to plan for renewal. When the keys are more than 12 months old, another notification is sent. Renewing the consumer credentials will rotate the keys. The old keys are valid for up to seven days to give the clients time to adopt the new keys. See To renew consumer credentials.

The OAuth token validation mechanism also supports user impersonation. See Impersonation.