Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 15 Next »

Context and background

Target audience

Analysts and developers of integrators who want to call a secured Informatie Vlaanderen API and need to know how to authorize.

Goals

  • Help you decide the most suitable method to connect to the Informatie Vlaanderen REST APIs
  • Provide a step-by-step explanation of to get authorization to use the secured Informatie Vlaanderen REST APIs with your chosen method.

Terminology

TermDefinition
Resource OwnerThe entity that can grant access to a protected resource. Typically, this is the end-user.
Client

An application requesting access to a protected resource on behalf of the Resource Owner.

Resource ServerThe server hosting the protected resources. These are typically the secured Informatie Vlaanderen REST APIs.
Authorization ServerThe server that authenticates the Resource Owner and issues Access Tokens after getting proper authorization. In this case this is the Informatie Vlaanderen Authorization Server (oauth.vlaanderen.be)
Access TokenA credential that can be used by an application to access an API.
Refresh TokenA long-lived token that is used to obtain a new Access Token after a previous one has expired.
JSON Web KeyA JavaScript Object Notation (JSON) data structure that represents a cryptographic key. This will be used to establish asynchronous authentication.

How to obtain your oauth Client from Informatie Vlaanderen?

Register your Client with Informatie Vlaanderen by sending an e-mail with the following information (preferrably in Dutch) to informatie.vlaanderen@vlaanderen.be.

  • A descriptive name of your client. It helps Informatie Vlaanderen to identify your integration.
    Example: Telco-GIPODplatform
  • A short description of the business use.
    Examples:
    • Nachtelijke synchronisatie van GIPOD-innames.
    • Integratie voor de integratie van KLIP-planaanvragen.
  • The username(s) (at least one) of the client administrators.
    If you don’t have a user account yet, you can register at https://beta.oauth.vlaanderen.be
  • The list of scopes your client needs to access the API (consult the documentation of the API).
  • Your integration scenario
    • Client Credentials Grant
    • Authorization Code Grant
    • Authorization Code Grant for web (include one or more redirection URLs of your web application)

Our helpdesk will set up the requested oauth client and send an e-mail containing a link to a page to manage his registered client(s).

Next step: find the most suitable way to connect.

  • No labels