Eviscape - Authentication Documentaion

Authentication Documentaion

Currently oAuth v1.0, v1.0a are the only ways to authorize your application.
We've also adopted Problem Reporting Extension.

Endpoints

http://www.eviscape.com/oauth/request_token
http://www.eviscape.com/oauth/authorize
http://www.eviscape.com/oauth/access_token

Signature methods

PLAINTEXT (Not recommended)
HMAC-SHA1

XSRF Protection and callback

We'r accepting "oauth_callback" only in request_token. If absent then we'r using callback defined in consumer. If both absent then we'r rendering "oauth_verifier" on screen.
You can also disable default callback by specifyin oauth_callback=oob case sensitive (out-of-band). We'll render oauth_verifier on screen.

Getting Access token

"oauth_verifier" should be used while exchanging request token. Please consult OAuth 1.0a spec.

Permissions

By default we issue an access token with permission which you asked while registering your application, however you can also apply for "write" permission and it includes read-write-delete permission.
How to get "write" permission?
Please send an additional parameter "perms=write" while sending authorization request.

Eviscape Permissions
Eviscape use internal permission, in order to fetch post, member should have permission to read those posts else you'll be give an InsufficientAppPerm error.

Token Duration

Access token is usually granted for 12 months by default but can be granted for maximum of 24 month. All other tokens are granted for 1 hour.

New to oAuth?

oAuth Getting started