OAuth Authentication Technical Integration Guide - Industry Partners

1 Introduction

1.1 Purpose

The primary intent of this document is to provide partners with the necessary information of the Application Programming Interfaces (APIs) to assist them in obtaining OAuth access token which will be required to contribute content and media using TIH APIs, as well as utilising TIH Recommendation Engine API.

1.2 Partner On-Boarding

Partners who wish to leverage on TIH API Services that require OAuth Authentication should register for a TIH B2B account and request for the service through the following procedure.

1. Partners need to register with TIH by creating an account with TIH via the following URL, https://tih.stb.gov.sg/content/tih/en/profile/register.html
2. After successfully registering a B2B Account on TIH, an email request should be sent in to the TIH Helpdesk (stb_tih@stb.gov.sg), to request for OAuth Authentication with the following information,
   • B2B Account ID (Email address)
   • Application Name
   • Reason for request
   • Requestor’s details
3. Once the request has approved, an email with the ClientId and ClientSecret will be sent to the requestor’s email address.
4. The partner’s application will use the ClientId and ClientSecret to generate an accessToken. This accessToken will be used in all API requests. (See section 3: OAuth Usage Flow Scenario)

The API sets that require OAuth access token are:

1. Content Provider API 
2. Media Provider API
3. Recommendation Engine API

2 OAuth API Specifications

This section highlights the APIs related to the OAuth authorization and authentication.

2.1 Access Token

Please note that for the Authorization parameter is a base64 encoded string of the clientId and clientSecret in the format of clientId:clientSecret.

• Access Token API

2.2 Refresh Access Token

Please note that for the Authorization parameter is a base64 encoded string of the clientId and clientSecret in the format of clientId:clientSecret.

• Refresh Access Token API

3 OAuth Usage Flow Scenario

This section of the document depicts the sequence of API calls to the TIH API services to retrieve OAuth access token.

Steps:

1. User requests for OAuth access token by providing client id and client secret through API (OAuth – Access Token).
2. User obtains OAuth access token
3. With the access token, you can proceed to call the API that requires the access token with the following “Authorization” header:
   

   Header
   Authorization	BearerToken

The API sets that require OAuth access token are:

1. Content Provider API 
2. Media Provider API
3. Recommendation Engine API