Partners who run OAuth 2.0 flows on behalf of customers can limit security risks by building a custom app with a third party service provider that allows their customers to authenticate OAuth 2.0 tokens without revealing their credentials to the partner.

Configure the customer-facing app for initial connection authorization

Use the following steps to build the customer-facing authentication interface:

1. Create the connection and copy the connection ID.
2. Configure your customer-facing app to send the following GET call to the connection’s OAuth 2.0 API endpoint:

GET /v1/connection/:_connectionId/oauth2

3. The GET call returns an authorizationURL for you to deliver to the customer via the customer-facing application.
4. The customer enters their credentials and is then asked to allow Celigo to access their account and related data. The customer checks the confirmation box, and clicks Confirm.
5. Celigo securely stores the customer’s authentication token in an encrypted iClient.

Configure the customer-facing app for token renewal