TOTSCo

Index > Appendix A – Configuring authentication and security protocols

< Previous | Next >

OAUTH 2.0

If you’re using OAuth 2.0, TOTSCo will provide you with:

  • a OAuth 2.0 token request URL for you or your MAP to call
  • its OAuth 2.0 ClientID + Secret to request tokens from TOTSCo OAuth 2.0 server


You or your MAP need to provide TOTSCo with:

  • the OAuth 2.0 token request URL for TOTSCo to call
  • the ClientID + Secret to allow TOTSCo to call and request tokens from CP OAuth 2.0 server


The format for this information could look like this, for example:

RCPID Routing ID Token URL Key Secret End Point
R1123
residentialSwitchMatchRequest
************* *************
*************
************* *************
https://primary/letterboxapi/v1/requestProcessor

For detailed configuration information to use OAuth 2.0 with the TOTSCo Hub, please refer to the API Specification Section 3.2.1.

Simulator Testing uses a 2-way authentication and authorisation method, which at this stage is using OAuth 2.0, as per the high-level diagram below:

The One Touch Switching Company (TOTSCo)
TOTSCo Authentication Protocol

API KEYS

If you’re using API Keys, TOTSCo will provide you or your MAP with:

  • your API Key


You need to provide TOTSCo with:

  • an API Key to allow the hub to deliver messages to your systems


For detailed configuration information about the use of API Keys with the TOTSCo Hub, please refer to the API Specification Section 3.2.2.

MUTUAL TLS

You or your MAP need to exchange URLs and associated certificates with TOTSCo. For detailed configuration information about the use of Mutual TLS with or without of additional authorisation methods with the TOTSCo Hub, please refer to the API Specification Section 3.1.2.

STANDARD TLS

You don’t need to exchange any
certificates if you use Standard TLS. For detailed configuration information about the use of Standard TLS with the TOTSCo Hub, please refer to the API Specification Section 3.1.1.

Skip to content