User Experience
Let’s take an example of a payroll application. The payroll application wants access to update a manager’s task list to remind the manager to approve timesheets. By placing these reminders in the manager’s task list, which the manager uses every day, it’s much more likely that employees will get paid on time, reducing the number of angry employees and time-consuming calls to the HR department.
The user experience in the most common case is very simple:
The payroll application lets the manager know that it’s asking for access to modify her tasks, and redirects her over to the task list app’s OAuth authorization server (see Figure 2-2).
The OAuth authorization server used by the task list app’s API prompts the user to grant permission for the payroll application to update her tasks (see Figure 2-3).
After the user has approved, she is redirected back to the payroll application, which now has access to the tasks (see Figure 2-4).
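Behind the first and last of these steps, the payroll application builds the redirect to the authorization server and later validates the redirect back. The following sketch is an added example, not code from the original text; it assumes the authorization code grant, and the endpoint, client ID, redirect URI, and scope name are hypothetical.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Hypothetical values for illustration; none of them come from the text.
AUTHORIZE_ENDPOINT = "https://tasks.example.com/oauth/authorize"
CLIENT_ID = "payroll-app"
REDIRECT_URI = "https://payroll.example.com/oauth/callback"
SCOPE = "tasks.write"


def build_authorization_redirect(session):
    """First step: the URL the payroll app sends the manager's browser to."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state  # ties the request to this browser session
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": SCOPE,  # ask only for what the reminders need
        "state": state,
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def handle_callback(session, callback_url):
    """Last step: check the redirect back before trusting anything in it."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use, so replays fail
    returned = params.get("state", [""])[0]
    if not expected or not hmac.compare_digest(expected.encode(), returned.encode()):
        raise ValueError("state mismatch: response is not tied to this session")
    if "error" in params:  # for example access_denied when the user declines
        raise PermissionError(params["error"][0])
    if "code" not in params:
        raise ValueError("no authorization code in the response")
    return params["code"][0]  # exchanged for an access token server-side
```

The `state` check is what keeps a forged or replayed redirect from attaching someone else's approval to the manager's session.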