Our solution uses OAuth2 framework to authorize access to X3 Configuration web APIs. It is used to perform authentication and authorization in most application types, including web apps and natively installed apps.
In our solution architecture, each region has its root API with 2 public endpoints for authorization and token management:
Authorization API for pairing process: This reference section explains how the pairing process works under “Authorization Code” flow of OAuth2 for permission granting between a 3rd party application and an X3 Configuration.
Token API for secured API call: This reference section explains tokens and Token API operations.
The following schema summarizes the steps that a developer has to go through to be able to call secured X3 REST API: