Providing user authentication for gadgets

Documentation under development

This page is an overview of user authentication in gadgets. There is another topic on using [the authentication mechanism provided by the Atlassian Gadgets JavaScript Framework](/server/framework/gadgets/using-authentication-in-your-gadget).

To cover:

OAuth
Trusted apps
Other forms

Introduction to OAuth

The central principle behind the OAuth protocol is: If you want a client program to access a server somewhere, there should be a more secure way than asking the user to enter their username and password into the client program which then sends it to the server. OAuth provides another way to authenticate, using secure tokens passed between two servers.

For example, if a user puts a JIRA Issues gadget onto their iGoogle page, they should not need to enter their JIRA username and password into iGoogle.

Using Authentication in your Gadget
Using the Atlassian Gadgets JavaScript Framework