Introduction

NewHaze authorizes websites to access user data using a very similar method to the OAuth protocol.

Frontend Process

User clicks a "Sign in with NewHaze" button
They get redirected to a page which asks them if they want to connect with your site
Once confirmed, they get redirected back to your site where they are now logged in

User clicks a "Sign in with NewHaze" button.
They get taken to a page which gets a request token (auth.requestToken). The response contains a token which is sent with the authorization URL.
They get redirected to the user authorization URL. (http://www.newhaze.com/oauth/authorize.php?auth_token={TOKEN})
Once confirmed, the user authorization URL takes the user to the callback URL and sends back (via HTTP-GET) the authorization token and a verification token. (eg. http://www.example.com/callback.php?auth_token={TOKEN}&auth_verifier={VERIFIER})
This page then checks the tokens sent back. If they are correct, then it gets an access token (auth.requestAccessToken) and saves the access tokens.
The access tokens can then be used to make API calls on behalf of the user.

For a diagrammatic interpretation of this process, see below: