Context Navigation

OAuthAuthorisationWizard

-              v5
+              v6
 In OAuth terminology, a JOSM user authorises JOSM to access the OSM server on his behalf. During the authorisation process he never has to enter his OSM password into a JOSM dialog if he or she doesn't fully trust JOSM (unless he wants to for convenience reasons [wiki:/Help/Dialog/OAuthAuthorisationWizard#FullyAutomaticAuthorisation, see here]). Rather, the OSM server issues an Access Token which JOSM presents to the OSM server when it uploads data on behalf of the user. Access Tokens don't reveal the users password and they can be revoked at any time.
+=== Advanced use case - delegate access to fellow mappers ===
+=== Advanced use case - delegate access to other mappers ===
+A more advanced use case for OAuth is to delegate access to your OSM account to other mappers. OAuth allows you to grant another user restricted access to your account if necessary.
+Example: Mapper A can grant mapper B the right to download its private GPS traces from the OSM website. Mapper A would generate an OAuth Access Token and restrict to the privilege "Download my private GPS traces". He would then send an email with the Access Token to mapper B. B can enter the Access Token in JOSM and he is now allowed to download A's private GPS traces from the OSM server. He wouldn't be allowed to upload date on A's behalf, though, and he doesn't know A's OSM password. At any time, A can revoke the Access Token issued for B.
 == The OAuth Authorisation Wizard ==