Accessing protected resources

All OSLC RM v1 and OSLC RM v2 programmatic requests are protected through OAuth 1.0a, and all user interface requests use the standard IBM® Engineering Requirements Management DOORS® - Web Access (DWA) username/password security framework.

OAuth is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications. You can find more information here: http://oauth.net/core/1.0a/

The http status code 401 message and error messages such as Inadequate OAuth consumer credentials indicate that a request to an OAuth protected resource (for example, /dwa/rm/discovery/catalog) has been refused for security reasons.

The OAuth specification that DWA follows can be located at http://oauth.net/core/1.0/. DWA accepts accept both OAuth 1 and OAuth 1a specification requests. DWA has not added any features to the OAuth specification.

It is not possible to access an OAuth protected resource without an OAuth token.


Feedback