Strategy One
Strategy Library OAuth2
Strategy One (May 2025) introduces OAuth2 authentication with the Strategy Library REST API. OAuth2 is a modern, secure, and standardized protocol to manage client-server authentication and authorization.
This functionality is only available for Managed Cloud Enterprise users.
Why Use OAuth2?
OAuth2 offers key benefits over traditional authentication methods in Strategy Library:
Simplified Authentication
Strategy Library provided various authentication methods in the past, such as standard login, SAML, and OpenID Connect (OIDC). These methods require separate API calls and cookie management. Strategy Library OAuth2 consolidates these calls and cookies into a single, unified authentication flow, reducing complexity for server and client applications.
Enhanced Security
OAuth2 replaces cookie-based authentication with secure token-based authorization, eliminating the risk of Cross-Site Request Forgery (CSRF) attacks and session stickiness issues. It improves security and minimizes the overhead of managing cookies, especially in distributed systems.
Scalability
Token-based authentication is stateless, meaning it does not rely on session cookies stored on the server. This design allows OAuth2 to scale more effectively across large, distributed systems.