There are several methods of authenticating and establishing a session with the Spark API. The appropriate method depends on how the developer's API key is configured and the needs of the application:
- OpenID + OAuth 2 Hybrid Protocol. This is the preferred approach. It combines the features of both OpenID (identification) and OAuth 2 (authorization) together in one request. The advantage to using the hybrid protocol is in the user experience. Acquiring identity information and access to the API only requires a single "allow" click from the user.
- Spark API authentication. This is used when writing IDX products that act on behalf of a single user explicitly defined for that key.