Data Connectors are system-to-system applications that do not require end-user involvement. ADP uses the OAuth 2.0 authorization framework to permit applications to access ADP client data. OAuth provides a secure mechanism to grant resource (data) access to applications using access tokens on behalf of clients. This guide describes the OAuth Client Credentials grant used for system-to-system authorization.
The basic authorization flow required to access ADP APIs with the Client Credentials grant:
- Your consumer application contacts the ADP token endpoint to get an access token.
- ADP authenticates your consumer application, verifies the validity and provides an access token to your application.
- Your consumer application uses the access token provided by ADP to access ADP APIs.
The following figure illustrates the authorization flow.
ADP provides developer libraries that you can use to take care of many of the implementation details of authorizing and gaining access to ADP APIs. If you choose not to use a library, follow the instructions in the next article, which describes the flow that underlies the available libraries.
Prerequisites
You must obtain the following from ADP in order to implement the Client Credentials grant with ADP:
- Signed Certificate
- Client Credentials