View Source

Context and background

Target audience

Analysts and developers of integrators who want to call a secured Informatie Vlaanderen API and need to know how to authorize.

Goals

Help you decide the most suitable method to connect to the Informatie Vlaanderen REST APIs
Provide a step-by-step explanation of how to get authorization to use the secured Informatie Vlaanderen REST APIs with your chosen method.

Terminology

Term	Definition
Resource Owner	The entity that can grant access to a protected resource. Typically, this is the end-user.
Client	An application requesting access to a protected resource on behalf of the Resource Owner.
Resource Server	The server hosting the protected resources. These are typically the secured Informatie Vlaanderen REST APIs.
Authorization Server	The server that authenticates the Resource Owner and issues Access Tokens after getting proper authorization. In this case this is the Informatie Vlaanderen Authorization Server (oauth.vlaanderen.be)
Access Token	A credential that can be used by an application to access an API.
Refresh Token	A long-lived token that is used to obtain a new Access Token after a previous one has expired.
JSON Web Key	A JavaScript Object Notation (JSON) data structure that represents a cryptographic key. This will be used to establish asynchronous authentication.

How to obtain your oauth Client from Informatie Vlaanderen?

Register your Client with Informatie Vlaanderen by sending an e-mail with the following information (preferrably in Dutch) to informatie.vlaanderen@vlaanderen.be.

A descriptive name of your client. It helps Informatie Vlaanderen to identify your integration.
Example: Telco-GIPODplatform
A short description of the business use.
Examples:
- Nachtelijke synchronisatie van GIPOD-innames.
- Voor de integratie van KLIP-planaanvragen.
The username(s) (at least one) of the client administrators.
If you don’t have a user account yet, you can register at https://beta.oauth.vlaanderen.be
The list of scopes your client needs to access the API (consult the documentation of the API).
Your integration scenario:
- Client Credentials Grant
- Authorization Code Grant
- Authorization Code Grant for web (+ include one or more redirection URLs of your web application)

Our helpdesk will set up the requested oauth client and send an e-mail containing a link to a page to manage his registered client(s).

Next step: find the most suitable way to connect.