Authentication security model for a content management system

What is claimed is: 1. A computer-implemented method comprising: storing, by a content management system, credentials for an external user account of a third-party source that is external to the content management system, wherein the credentials are required to display third-party content embedded into a content item stored on the content management system, the credentials are stored in association with the content item; receiving, from a client device, a request to receive the content item that is associated with a first domain of the content management system; receiving, from the client device, a request for third-party code based on a portion of the content item, the third-party code associated with a second domain of the content management system; providing the client device with the third-party code associated with the second domain of the content management system, wherein the third-party code references data associated with the third-party content; receiving, from the client device, a client request for the data associated with the third-party content embedded into the content item, the data stored at the third-party source; retrieving the credentials for the external user account from the content management system; sending, to the third-party source, a proxy-request for the data associated with the external user account, wherein the proxy-request comprises the credentials and parameters associated with the client request; receiving, from the third-party source, the data associated with the third-party content embedded into the content item, based on confirmation of the credentials of the external user account; and sending, to the client device, the data for the embedded content to be displayed with the content item. 2. The computer-implemented method of claim 1 , wherein the client request is associated with a first user of the content management system and the external user account is associated with a second user of the content management system. 3. The computer-implemented method of claim 1 , further comprising participating in a 3-legged OAuth registration process to obtain the credentials. 4. The computer-implemented method of claim 1 , further comprising: sending, to the client device, the content item and the third-party code stored by the content management system; receiving, from the client device, data associated with the third-party code; storing the data as metadata associated with the content item; and sending a notification regarding the data to a second client device with access to the content item. 5. The computer-implemented method of claim 4 , wherein a portion of the content item that references the data comprises an iframe. 6. The computer-implemented method of claim 1 , wherein at least one of the parameters are provided by the client request. 7. The computer-implemented method of claim 1 , wherein the content item is a collaboration document. 8. The computer-implemented method of claim 1 , wherein the data associated with the external user account comprises at least one of a picture, a video, a document, an audio file or a widget. 9. The computer-implemented method of claim 1 , wherein a triggering action links a user account associated with the content item in the content management system with the user account of the third-party source. 10. The computer-implemented method of claim 1 , wherein the content item is managed by the content management system with the external user account. 11. A non-transitory computer readable medium comprising instructions, the instructions, when executed by a computing system, cause the computing system to: obtain, by a content management system, credentials for an external user account of a third-party source that is external to the content management system, wherein the credentials are required to display third-party content embedded into a content item stored on the content management system, the credentials stored in association with the content item; receive, from a client device, a request to receive the content item that is associated with a first domain of the content management system; receive, from the client device, a request for third-party code based on a portion of the content item, the third-party code associated with a second domain of the content management system; provide the client device with the third-party code associated with the second domain of the content management system, wherein the third-party code references data associated with the third-party content; receive, from the client device, a client request for the data associated with the third-party content embedded into the content item, the data stored at the third-party source; send, to the third-party source, a proxy-request for the data associated with the external user account, wherein the proxy-request comprises the credentials; receive, from the third-party source, the data associated with the third-party content embedded into the content item based on confirmation of the credentials of the external user account; and forward, to the client device, the data for the embedded content to be displayed with the content item. 12. The non-transitory computer readable medium of claim 11 , wherein the instructions further cause the computing system to participate in an authentication process to obtain the credentials. 13. The non-transitory computer readable medium of claim 12 , wherein the authentication process is a 3-legged OAuth registration process. 14. The non-transitory computer readable medium of claim 12 , wherein the client request is associated with a first user of the content management system and the external user account is associated with a second user of the content management system. 15. The non-transitory computer readable medium of claim 14 , wherein the authentication process included participation from the second user of the content management system. 16. A system comprising: one or more processors; and a non-transitory computer-readable medium storing instructions that, when executed by the one or more processors, cause the one or more processors to: obtain, by a content management system, credentials for an external user account of a third-party source that is external to the content management system, wherein the credentials are required to display third-party content embedded into a content item are stored on the content management system; receive, from a client device, a request to receive the content item that is associated with a first domain of the content management system; receive, from the client device, a request for third-party code based on a portion of the content item, the third-party code associated with a second domain of the content management system; provide the client device with the third-party code associated with the second domain of the content management system, wherein the third-party code references data associated with the third-party content; receive, from the client device, a client request for the data associated with the third-party content embedded into the content item, the data stored at the third-party source; send, to the third-party source, a proxy-request for the data associated with the external user account, wherein the proxy-request comprises the credentials; receive, from the third-party source, the data associated with the third-party content embedded into the content item based on confirmation of the credentials of the external user account; and send, to the client device, the data for the embedded content to be displayed with the content item.