Product: All
Applies to: Everyone
Introduction
When integrating with APIs, it is important to choose the right authentication model based on your application's needs. Intralinks V3 APIs support both two-legged and three-legged OAuth authentication.
V3 two-legged OAuth
Two-legged OAuth is a direct service-to-service authentication model that doesn't involve any end-user interaction.
- Tied to a specific service account or user email.
- Only that specific account can use the associated API key.
- No user login is required.
- Authentication is handled automatically between your app and the API service.
- Ideal for backend systems or automated services using a single identity.
V3 three-legged OAuth
Three-legged OAuth introduces user-level authentication, allowing multiple users to access the API using their own credentials.
- The API key is not tied to a specific user.
- Requires a client ID, client secret, and user login.
- A callback URL is needed to redirect users post-authentication.
- Multiple users can use the same client ID/secret but with their own Intralinks credentials.
- Users must directly authenticate (on an product login page) with their own credentials.
- Client systems do not handle a user's Intralinks credentials.
- Ideal for user-facing applications.
Key differences
| Aspect | Two-legged OAuth | Three-legged OAuth |
| Identity | One fixed service account | Multiple user identities |
| User involvement | None – fully automated | Required – user must log in |
| Flexibility | Simple but limited to one account | More complex but supports many users |
| Use case | Backend services, automation | Web/mobile apps, user-facing services |