Help topics‎ > ‎

Authenticating to Evernote

Notekeeper authenticates with Evernote using OAuth. You are presented with the Evernote login page in a web browser embedded within the app. When you log in to Evernote on that page, you will be asked if you want to give Notekeeper access to your account for one year. If you tap on 'Authorize', you will be giving Notekeeper permission to access your Evernote account, and Notekeeper will proceed to fetch your notes database from Evernote. If you tap on 'Decline', Notekeeper will not be able to access your Evernote data.

During this process, Notekeeper doesn't get to see your Evernote password. Instead, Evernote would grant Notekeeper a secret code which Notekeeper can use to access your account. This secret code has limited permissions, in the sense that it cannot be used for controlling your account (like changing the password or authorizing other applications). The secret code is also time-limited to one year.

This is how it would look like in Nokia Belle phones:

    

After one year, the access you would have given to Notekeeper would expire. When you use Notekeeper after that, Notekeeper will ask you to login to Evernote again and give permissions for access, in the same way as described above.

Also, in case you need to revoke the access granted to Notekeeper, you can do that anytime. To do that, you can go to the Evernote website (www.evernote.com), sign-in if required (look for the Web sign in link), go to Settings > Applications, select Notekeeper, and press the 'Revoke Access' button. When access is revoked, Notekeeper will not be able to access your notes. When you use Notekeeper after that, Notekeeper will ask you to login to Evernote again and give permissions for access, in the same way as described above. (In case you face any problems while re-logging in, please see Problems with re-login.)

To understand why revoking might be useful, consider someone who’s just lost her phone. It might be a good idea to make sure that anyone who finds her phone is not able to access her Evernote account through Notekeeper. So, she logs in to Evernote and revokes access to Notekeeper, which invalidates all secret tokens that have been given to Notekeeper from her Evernote account. After that, the instance of Notekeeper from her lost phone (or any other phone) will not be able to talk to her Evernote account. On her second phone, she can authorize Notekeeper again as described above. But the Notekeeper in the lost phone would still not be able to access her account.