Authentication and Authorization
The OrderCloud.io API implements OAuth2 combined with our own notion of Roles to control user authentication and authorization at a fine-grained level. Be prepared to spend time learning about these concepts and designing the right model for your application. If you over-privilege your users and attempt to control what they can do via front-end code, you run the risk of technically savvy users circumventing those controls by making direct API calls.
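The following is an added example, not OrderCloud.io code: a small audit that compares the roles a user is granted with the operations the front end exposes, and lists what remains callable through direct API requests. The role names, operation names and the one-role-per-operation mapping are hypothetical assumptions made for illustration.

```javascript
'use strict';

// Constructed sample data: these role and operation names are hypothetical,
// not the OrderCloud.io role list.
const OPERATIONS = [
  { name: 'listOrders',    requiredRole: 'OrderRead' },
  { name: 'updateOrder',   requiredRole: 'OrderWrite' },
  { name: 'listProducts',  requiredRole: 'CatalogRead' },
  { name: 'deleteProduct', requiredRole: 'CatalogWrite' },
];

// Every operation a token holding `roles` can invoke by calling the API directly.
function allowedOperations(roles) {
  const held = new Set(roles);
  return OPERATIONS.filter((op) => held.has(op.requiredRole)).map((op) => op.name);
}

// Compare what a user is granted with what the front end actually exposes.
function auditAssignment(grantedRoles, uiOperations) {
  const known = new Set(OPERATIONS.map((op) => op.name));
  const unknown = uiOperations.filter((name) => !known.has(name));
  if (unknown.length > 0) {
    throw new Error(`UI references unknown operations: ${unknown.join(', ')}`);
  }
  const exposed = new Set(uiOperations);
  // Roles the UI genuinely needs: the least-privilege assignment.
  const minimalRoles = [...new Set(
    OPERATIONS.filter((op) => exposed.has(op.name)).map((op) => op.requiredRole)
  )];
  return {
    minimalRoles,
    // Granted but never needed by the UI.
    excessRoles: grantedRoles.filter((r) => !minimalRoles.includes(r)),
    // Hidden in the UI, yet still authorized server-side for this user.
    hiddenButCallable: allowedOperations(grantedRoles).filter((n) => !exposed.has(n)),
  };
}

// Constructed scenario: a read-only storefront whose users were given write roles.
const report = auditAssignment(
  ['CatalogRead', 'CatalogWrite', 'OrderRead', 'OrderWrite'],
  ['listProducts', 'listOrders']
);
console.log(report);
```

An empty `hiddenButCallable` list means the front end and the role assignment agree; anything in it is authorized by the API regardless of what the UI shows.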