User's Perspective
The OAuth flow aims to achieve a very simple goal:
Confirming that the user wants external application X to have access to data Y
There are two ways to start this flow:
- From within Noona HQ (App Store)
- From external application (Traditional OAuth approach)
User clicks install
User approves requested scopes
User is redirected to app's landing page that shows information tailored to this specific user
App is now enabled for user and he can navigate to it without having to give consent again
User has external system open but it's not connected to his Noona account, user clicks button to authenticate with Noona HQ
User approves requested scopes
User is redirected back to app that now shows information tailored to this specific user
App is now enabled for user and he can navigate to it without having to give consent again
Super simple right?!