Authentication Overview

There are several methods of authenticating and establishing a session with the Spark API. The appropriate method depends on how the developer's API key is configured and the needs of the application:

  • OpenID + OAuth 2 Hybrid Protocol. This is the preferred approach. It combines the features of both OpenID (identification) and OAuth 2 (authorization) together in one request. The advantage to using the hybrid protocol is in the user experience. Acquiring identity information and access to the API only requires a single "allow" click from the user.

  • Spark API authentication. This is used when writing IDX products that act on behalf of a single user explicitly defined for that key.

If there are questions on the API key's configuration, please contact or submit a Jira ticket. More information about API key roles may be found here.