If you are concerned with multiple users being on the same machine and not signing out between sessions, you can force them to re-authenticate during the OAuth process. Simply include prompt=login in the OAuth request. You can also set a max_age in seconds to force users to re-authenticate if their session is over a certain length. See Continue Reading
Authentication and OAuth
What is an OAuth scope, and which scopes does ORCID support?
When requesting permission to interact with an ORCID user’s record, you specify one or more ‘scopes’. Each scope allows you to do certain things, such as read the record, or update a particular section. 3-legged (authorization code) scopes 3 legged refers to the three actors involved in obtaining permission from a user; ORCID, your system Continue Reading
How do I get a “/read-limited” access token?
To obtain /read-limited access, you must ask the researcher for permission. You do this using OAuth. Specifically, “3 legged OAuth”. For more information please see our API Tutorial: Read data on an ORCID record Was this helpful?Yes NoAdditional Comments:Send Feedback
How does “3 legged OAuth” work?
ORCID integrations use “3 legged OAuth” to authenticate users and request permission to interact with their records. Any integration can ask for read permissions using the Public API. ORCID members can use the Member API to ask for update permissions. It works like this: You create a special linkWhen clicked, the user is sent to Continue Reading
How do I get “/read-public” access token?
Anyone with public or member API credentials can receive a /read-public access token. To obtain a token, you make a call to the ORCID API token endpoint. This process is often referred to as the client-credentials OAuth flow, or 2-step OAuth. An example call to obtain an access token to read public data on the sandbox — Continue Reading