Bit Capital

The Bit Capital Developer Hub

Welcome to the Bit Capital developer hub. You'll find comprehensive guides and documentation to help you start working with the platform as quickly as possible, as well as support if you get stuck. Let's jump right in!


OAuth 2.0

The OAuth 2.0 is an international authorization framework that enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.

OAuth addresses these issues by introducing an authorization layer and separating the role of the client from that of the resource owner. In OAuth, the client requests access to resources controlled by the resource owner and hosted by the resource server, and is issued a different set of credentials than those of the resource owner.

Instead of using the resource owner's credentials to access protected resources, the client obtains an access token -- a string denoting a specific scope, lifetime, and other access attributes. Access tokens are issued to third-party clients by an authorization server with the approval of the resource owner. The client uses the access token to access the protected resources hosted by the resource server.

For example, an end-user (resource owner) can grant an external service (client) access to her protected banking information stored at the Bit Capital platform (resource server), without sharing her username and password with the external service. Instead, she authenticates directly with a server trusted by the Bit Capital platform (authorization server), which issues the external service delegation-specific credentials (access token).

For more information checkout the official RFC Specification or one of the recommended articles below:

Updated 9 months ago

What's Next

Continue with the OAuth 2.0 process using a specific set of credentials:

Client Credentials
Mediator Credentials
Consumer Credentials
Request Signing
Two Factor Authorization

OAuth 2.0

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.