Changes between Version 33 and Version 34 of Help/Dialog/OAuthAuthorisationWizard
- Timestamp:
- 2020-07-03T12:24:56+02:00 (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Help/Dialog/OAuthAuthorisationWizard
v33 v34 13 13 1. Your OSM password has to be transferred '''only once''' over the Internet on a '''secure connection''', in contrast to basic authentication where your OSM password is transferred as part of every request sent from JOSM to the OSM server in clear text. 14 14 15 In OAuth terminology, a JOSM user authorises JOSM to access the OSM server on the user's behalf. During the authorisation process the OSM password never needs to be entered into a JOSM dialog if the user doesn't fully trust JOSM (unless wanting to for convenience reasons [wiki :/Help/Dialog/OAuthAuthorisationWizard#FullyAutomaticAuthorisation see here]). Rather, the OSM server issues an Access Token which JOSM presents to the OSM server when it uploads data on behalf of the user. Access Tokens don't reveal the user's password and they can be revoked at any time.15 In OAuth terminology, a JOSM user authorises JOSM to access the OSM server on the user's behalf. During the authorisation process the OSM password never needs to be entered into a JOSM dialog if the user doesn't fully trust JOSM (unless wanting to for convenience reasons [wikitr:/Help/Dialog/OAuthAuthorisationWizard#FullyAutomaticAuthorisation see here]). Rather, the OSM server issues an Access Token which JOSM presents to the OSM server when it uploads data on behalf of the user. Access Tokens don't reveal the user's password and they can be revoked at any time. 16 16 17 17 === Advanced use case - delegate access to other mappers === … … 22 22 23 23 == The OAuth Authorisation Wizard == 24 The Oauth authorisation wizard is located in the preferences under [ Preferences/Connection Connection settings].24 The Oauth authorisation wizard is located in the preferences under [wikitr:/Help/Preferences/Connection Connection settings]. 25 25 === What does authentication/authorisation mean? === 26 26 When you upload geodata to the OSM server you have to tell the server who you are. The OSM server will '''identify''' every uploading mapper by asking for an OSM username. The OSM server furthermore needs to '''authenticate''' this identity, i.e. to reliably determine whether the mapper is indeed the claimed user. For this purpose, it asks for a password in addition to the username. The server's assumption is that whoever knows the secret password for username xyz is reliably authenticated to ''be'' xyz. A mapper logged in with an authenticated username and password is entitled to run a broad range of operations on the server. The mapper is '''authorised''' to upload data, to create changesets, to close changesets, to upload GPS traces, to read and changes personal preferences on the server, to invite others as friends, to send emails to other accounts, etc. Currently, it isn't possible to create an OSM account with an OSM username and a password with restricted rights, i.e. an account that would only be able to upload GPS traces, but not map data. Whoever has successfully '''authenticated''' with an OSM username and an OSM password is '''fully authorised''' to do everything an OSM user can normally do on the server. … … 40 40 1. '''Step 1/3''' - Open the preferences dialog 41 41 42 Click on the '''Preferences''' button in the toolbar. In the dialog, select the [wiki :Help/Preferences/Connection Connection Setting] tab.42 Click on the '''Preferences''' button in the toolbar. In the dialog, select the [wikitr:/Help/Preferences/Connection Connection Setting] tab. 43 43 44 44 2. '''Step 2/3''' - Get the Access Token … … 135 135 136 136 ==== Advanced OAuth parameters ==== 137 * See [wiki :/Help/Dialog/OAuthAuthorisationWizard#FullyAutomaticAdvanced advanced preferences in the fully automatic process].137 * See [wikitr:/Help/Dialog/OAuthAuthorisationWizard#FullyAutomaticAdvanced advanced preferences in the fully automatic process]. 138 138 139 139 == Troubleshooting == 140 * If you are working on a university or corporate network, a firewall may prevent the OAuth authentification request. [[BR]]140 * If you are working on a university or corporate network, a firewall may prevent the OAuth authentification request. \\ 141 141 Please check the corresponding connection with your network engineer. 142 142 ---- 143 Back to [wiki :/Help/Preferences/Connection Connection settings][[Br]]144 Back to [wiki :Help Main Help]143 Back to [wikitr:/Help/Preferences/Connection Connection settings] \\ 144 Back to [wikitr:/Help Main Help]