Enterprise Integration Patterns
Conversation Patterns
Conversation Patterns
User Grants AccessConversation Patterns » Starting a Conversation

A participant has identified a provider and is about to initiate a conversation on behalf of a user.

How can a participant engage in a conversation on behalf of a user?

Have the consumer request an access token from the service provider based on the consumer's identifier and the user authenticating the request to the provider. The consumer subsequently passes this token with the request to the provider.

The User Grants Access conversation involves the following participants:

Example: OAuth

IETF RFC5849 specifies the following steps:

  1. The client obtains a set of temporary credentials from the server (in the form of an identifier and shared-secret). The temporary credentials are used to identify the access request throughout the authorization process.
  2. The resource owner authorizes the server to grant the client's access request (identified by the temporary credentials).
  3. The client uses the temporary credentials to request a set of token credentials from the server, which will enable it to access the resource owner's protected resources

Creative Commons Attribution License

You can reuse the following elements under the Creative Commons Attribution license: pattern icon, pattern name, problem and solution statements (in bold), and the sketch. Other portions are protected by copyright.