Authentication and Authorization
The Sierra REST API uses the OAuth 2.0 authorization framework. The API supports the Client Credentials Grant and Authorization Code Grant flows.
Innovative assumes that you are familiar with OAuth 2.0. If you are new to OAuth 2.0, you can learn more at the OAuth website.
Innovative encourages you to utilize an OAuth 2.0 library specific to the programming languages and technologies you use.
Each Sierra platform library administers distribution of client keys for its system. Developer accounts can be configured to provide access to the default API data plus:
- no patron data (Client Credentials Grant)
- global patron data (Client Credentials Grant)
- patron-specific data (Authorization Code Grant)
- global patron data and patron-specific data (Client Credentials Grant and Authorization Code Grant)
Contact your Innovative sales representative for access to a Sierra REST API server where you can test Sierra REST API requests against a sample database.
