The article describes OAUTH and IAM in FCLite.
FCLite uses OAuth 2.0 for authentication and authorization of their API services. OAuth is an open standard for authorization that enables third-party applications to access user data without requiring the user's credentials. With OAuth, users grant access to their data via access tokens, which are issued by an authorization server. The access token can then be used to access the user's data from authorized APIs. FCLite's OAuth implementation supports the OAuth 2.0 Authorization Code Grant Type.
IAM is a framework used for managing access to resources. FCLite's IAM provides control of user-level access privileges to API services, enabling users to create and manage API keys. These keys can then be used to authenticate and authorize API requests.
The main advantage of OAuth is security. This is because login and password credentials can be intercepted or picked up by an attacker, whereas the token has a short lifespan and is issued by a specific service that the application trusts.