OAuth provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end user). It also provides a process for end-users to authorize third party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections.
WebSEAL supports the EAS plug-in, which leverages the Tivoli® Federated Identity Manager OAuth, versions 1.0 and 2.0, capabilities. This plug-in allows OAuth decisions to be made as a part of the standard authorization on WebSEAL requests. To use this functionality, you need a Tivoli Federated Identity Manager server configured to reject or authorize OAuth tokens in your environment. For more information, see the Tivoli Federated Identity Manager server product documentation.