OAuth 2.0 support allows Synergist API users to make requests without the need to include a username and password as a means of authentication. Following the OAuth 2.0 protocol, users can now securely make requests using an access token for authorisation. While the addition of OAuth 2.0 support has removed the need for users to include a username and password in requests, this is still a valid and supported method of authentication in Synergist. For those that wish to enforce a policy that only allows the use of OAuth 2.0 for authentication, a new setting has been added in "System parameters". It can be found on the "Settings" tab under the "Passwords/Access" panel. Note that it is important to first ensure that all existing requests have been updated to use OAuth 2.0 before enabling this setting, not doing so will cause them to fail.
Registering authorised OAuth 2.0 applications in Synergist is simple with the addition of the "Connected apps" area that can now be found in "Utilities". Users can register and manage applications that will use their Synergist site. In here they can manage redirect URLs and client secrets.
For more details on how to use OAuth 2.0 with Synergist API, please visit the Synergist API reference documentation at https://apidoc.synergist.co.uk/reference