Partners who run OAuth 2.0 flows on behalf of customers can limit security risks by building a custom app with a third party service provider that allows their customers to authenticate OAuth 2.0 tokens without revealing their credentials to the partner.
Configure the customer-facing app for initial connection authorization
Use the following steps to build the customer-facing authentication interface:
- Create the connection and copy the connection ID.
- Configure your customer-facing app to send the following GET call to the connection’s OAuth 2.0 API endpoint:
- The GET call returns an authorizationURL for you to deliver to the customer via the customer-facing application.
- The customer enters their credentials and is then asked to allow Celigo to access their account and related data. The customer checks the confirmation box, and clicks Confirm.
- Celigo securely stores the customer’s authentication token in an encrypted iClient.
Configure the customer-facing app for token renewal