OAuth2 allows secure API authentication using https.

The mydigitalstructure onDemand service allows you to simply access OAuth2 based webservices -  making sure your application keys stay protected in the model and not exposed to the client.

You can effectively extend the mydigitalstructure organisational model and thus the number of use cases, under the service oriented architecture.

A key service that support OAuth2 is facebook. 

About OAuth2


Get a users details.


You have a facebook account.

Example Steps as structure administrator (once only):

1 On the facebook service you first need to do a once off Application registration - this is effectively giving permission for 3rd party applications to request access to your facebook account.

Create a new app in facebook
2 The application will set up 2 keys for you:
# Consumer key
# Consumer secret

You then need to use:

/ondemand/setup/?method=SETUP_URL_MANAGE&type=8&urllogon=[Consumer key]&urlpassword=[Consumer secret]&private=N&title=facebook

These application credentials will be used automatically when requesting an user access token in the following steps.

Example Steps as a user giving permission (once only per user):

You can now request a token (which is done in 3 phases). 

1 Request an application level code:


You will be returned a parameter: authenticateurl - you need to redirect to this URL.  At this point you need to add the scope of your request for access eg for access to news stream add: &scope=read_stream

Facebook will then call back to the url you specified when setting up the application and as supplied in the NETWORK_OAUTH_REQUEST_CODE call as &urlcallback=

You wil get back a parameter in the query string that you need to extract:
# code 

They will be used in the phase 2 in step 4 next. 

2 Requesting the user access token


This gets back the access_token for the user and saves it against their account for future use.

3 Getting user details on facebook:


Getting list of other links


Getting news feed


Getting home page / stream

You need to add &scope=read_stream to the url returned in step 1 for this to work.


4 You can use any method with the Facebook REST API





Graph theory is the theory of links and nodes and how they interconnect – so a “graph” represents these links, on the links to friends represents your social graph.

The links between contacts, invoices etc is an organisations “business graph”.

Some reading...



The Open Graph protocol enables any web page to become a rich object in a social graph.

Some reading...