Changes between Version 35 and Version 37 of Help/Dialog/OAuthAuthorisationWizard

Timestamp:

(multiple changes)

Author:

(multiple changes)

Comment:

(multiple changes)

Help/Dialog/OAuthAuthorisationWizard

@@ -1 @@
-[[TranslatedPages]]
-= OAuth Authorisation Wizard = 
+[[TranslatedPages(outdated=The Authorization Wizard was removed from JOSM with the deprecation of OAuth 1.0a. This page still exist mainly for historical reasons.)]]
+
+= OAuth Authorization Wizard = 
 [[PageOutline(2-10,Table of Contents)]]
 
@@ -13 +14 @@
  1. Your OSM password has to be transferred **only once** over the Internet on a **secure connection**, in contrast to basic authentication where your OSM password is transferred as part of every request sent from JOSM to the OSM server in clear text. 
 
-In OAuth terminology, a JOSM user authorises JOSM to access the OSM server on the user's behalf. During the authorisation process the OSM password never needs to be entered into a JOSM dialog if the user doesn't fully trust JOSM (unless wanting to for convenience reasons [wikitr:/Help/Dialog/OAuthAuthorisationWizard#FullyAutomaticAuthorisation see here]). Rather, the OSM server issues an Access Token which JOSM presents to the OSM server when it uploads data on behalf of the user. Access Tokens don't reveal the user's password and they can be revoked at any time. 
+In OAuth terminology, a JOSM user authorizes JOSM to access the OSM server on the user's behalf. During the authorization process the OSM password never needs to be entered into a JOSM dialog if the user doesn't fully trust JOSM (unless wanting to for convenience reasons [wikitr:/Help/Dialog/OAuthAuthorisationWizard#FullyAutomaticAuthorisation see here]). Rather, the OSM server issues an Access Token which JOSM presents to the OSM server when it uploads data on behalf of the user. Access Tokens don't reveal the user's password and they can be revoked at any time. 
 
 === Advanced use case - delegate access to other mappers ===
@@ -21 +22 @@
 
 
-== The OAuth Authorisation Wizard ==
-The Oauth authorisation wizard is located in the preferences under [wikitr:/Help/Preferences/Connection Connection settings].
+== The OAuth Authorization Wizard ==
+The Oauth authorization wizard is located in the preferences under [wikitr:/Help/Preferences/Connection OSM Server preferences].
+
 === What does authentication/authorization mean? ===
 When you upload geodata to the OSM server you have to tell the server who you are. The OSM server will **identify** every uploading mapper by asking for an OSM username. The OSM server furthermore needs to **authenticate** this identity, i.e. to reliably determine whether the mapper is indeed the claimed user. For this purpose, it asks for a password in addition to the username. The server's assumption is that whoever knows the secret password for username xyz is reliably authenticated to ''be'' xyz. A mapper logged in with an authenticated username and password is entitled to run a broad range of operations on the server. The mapper is ***authorized** to upload data, to create changesets, to close changesets, to upload GPS traces, to read and changes personal preferences on the server, to invite others as friends, to send emails to other accounts, etc. Currently, it isn't possible to create an OSM account with an OSM username and a password with restricted rights, i.e. an account that would only be able to upload GPS traces, but not map data. Whoever has successfully **authenticated** with an OSM username and an OSM password is **fully authorized** to do everything an OSM user can normally do on the server.
@@ -31 +33 @@
   * an Access Token could only be valid for a certain time, i.e. only today, but this is not yet supported by the OSM server 
 
-In addition to username/password pairs, the OSM server also accepts OAuth Access Tokens to authenticate and authorise a user. More specifically, it accepts requests ''signed with such a token'', but this is beyond of the scope of this online help.
+In addition to username/password pairs, the OSM server also accepts OAuth Access Tokens to authenticate and authorize a user. More specifically, it accepts requests ''signed with such a token'', but this is beyond of the scope of this online help.
 
 The OAuth Authorization Wizard allows you to receive a valid OAuth Access Token, provided that you have an OSM username and OSM password, or to enter and use an OAuth Access Token in JOSM, provided that you got one from somebody else who has an OSM username and an OSM password. 
@@ -48 +50 @@
  [[Image(fully-authomatic-1.png,link=)]]
 
-3. **Step 3/3**' - Accept the Access Token
+3. **Step 3/3** - Accept the Access Token
 
  JOSM displays the retrieved Access Token.
@@ -55 +57 @@
 
 * Deselect the checkbox Save to preferences if you don't want to save the Access Token in the JOSM preferences. If you don't save it the Access Token will be lost when you close JOSM. If you later startup JOSM again you will have to retrieve a new Access Token to work with OAuth based authentication again.
-* Click on ''Test Access Token" to test the token
+* Click on **Test Access Token** to test the token
 * Click on **Accept Access Token** to accept it.
 
 ==== Restricting the granted privileges ====
-When JOSM fully-automatically requests and authorizes an Access Token, it grants it five privileges:
+When JOSM fully-automatically requests and authorizes an Access Token, it grants it six privileges:
 * the right to upload data to the OSM server
 * the right to upload GPS traces to the OSM server
@@ -65 +67 @@
 * the right to read the preferences stored on the OSM server
 * the right to write preferences stored on the OSM server
+* the right to modify notes stored on the OSM server
 
 These are the default settings. If you want to restrict the granted privileges:
@@ -82 +85 @@
  1. Click the tab **Advanced OAuth parameters**
  1. Deselect the checkbox **Use default settings**
- 1. Enter your values for the five OAuth parameters 
+ 1. Enter your values for the seven OAuth parameters 
 
 [[Image(fully-automatic-advanced.png,link=)]]
@@ -95 +98 @@
  [[Image(semi-automatic-step-1.png,link=)]]
 
-2. **Step 2/3** - Authorise the Request Token in an external browser
+2. **Step 2/3** - Authorize the Request Token in an external browser
 
  JOSM now launches an external browser with the OSM website. Please login and follow the instructions. Then switch back to the OAuth Authorization Wizard and click on **Retrieve Access Token**.
@@ -103 +106 @@
 3. **Step 3/3** - Accept the Access Token
 
- JOSM displays the retrieved Access Token. Click on '**Accept Access Token** to accept it. 
+ JOSM displays the retrieved Access Token. Click on **Accept Access Token** to accept it. 
     
  [[Image(semi-automatic-step-3.png,link=)]]
@@ -109 +112 @@
 
 ==== Advanced OAuth parameters ==== #AdvancedOAuthparameters
-When JOSM semi-automatically requests and authorizes an Access Token, it uses default values for the OAuth parameters. Advanced users may want to change these parameters
+When JOSM semi-automatically requests and authorizes an Access Token, it uses default values for the OAuth parameters. Advanced users may want to change these parameters:
 * in order to use a different Consumer Token (consisting of a Consumer Key and a Consumer Secret). This allows you to create your own Consumer Token for JOSM and then use it in JOSM. 
 * in order to use it on a different than the standard OSM server. For instance, this allows users to use OAuth with an OSM development server or with a local installation of the OSM server application.
@@ -116 +119 @@
 
 1. Select the checkbox **Display Advanced OAuth Parameters**
-1. Enter your values for the five OAuth parameters 
+1. Enter your values for the seven OAuth parameters 
 
 [[Image(semi-automatic-advanced.png,link=)]]
 
 === Manual authorization process === 
-The manual authorization process allows you to enter an arbitrary Access Token. You can use this process
+The manual authorization process allows you to enter an arbitrary Access Token. You can use this process:
 
 * to enter an Access Token you have kept in a secure place, for instance in a secure store for credentials 
@@ -140 +143 @@
  Please check the corresponding connection with your network engineer.
 ----
-Back to [wikitr:/Help/Preferences/Connection Connection settings] \\
+Back to [wikitr:/Help/Preferences/Connection OSM Server preferences] \\
 Back to [wikitr:/Help Main Help]