This page explains how divisions and 3rd party developers can obtain access to IVAO's OAuth system to query IVAO APIs and authenticate IVAO Users on their website with IVAO's SSO.
OAuth will allow you to authenticate IVAO users and your applications with our systems. Once authenticated, you will be able to make API requests on their behalf.
This authentication method is meant to replace the legacy API keys used in the past on our APIs.
All the login flow complies with OAuth 2.0 standards. You can find examples of how to use them in our GitHub repository (github.com/ivaoaero/OAuth-samples).
Any 3rd party tools supporting OAuth or OpenID login should work out of the box.
If you have any issues or notice something unexpected happening, please email us at email@example.com.
All divisions, even those not hosted on the divisions' server, are allowed to request access to IVAO's OAuth system, as any personal data is subject to the user's specific approval.
Since you'll be able to authenticate IVAO users and fetch some of their personal data, you become responsible for this data’s security. Please ensure that it is stored in a safe place and not accessible to anyone that isn’t supposed to.
As much as we would like to help everyone, please understand that we currently don’t have the manpower to support all technical issues you might encounter.
If you need help, please use the official support channels on the Community or Staff server, where other developers will try to assist you.
To get access to the OAuth system, you have to send an email to firstname.lastname@example.org with the subject: “IVAO OAuth Access Request”.
The email must contain the following:
Once your request is approved, you will be given a CLIENT_ID and a CLIENT_SECRET which you can use to authenticate the users and your applications.
Attention: CLIENT_SECRET MUST remain private
If you think there was even the slightest chance that your CLIENT_SECRET was leaked, please contact us immediately at email@example.com.
Should you want to test the OAuth flow locally before requesting production data, you will find the data required to do so in our code samples repository.
If you need help, try using the official support channels on the Community or Staff servers, where other developers will try to assist you.
It is planned to release an online service to manage your OAuth details (client id, secret, redirect URLs) but it is still under development, until then please use the following email address for any request : firstname.lastname@example.org
If you wish to contact us, you can do so at email@example.com