Partners who run OAuth 2.0 flows on behalf of customers can limit security risks by building a custom app with a third-party service provider that allows their customers to authenticate OAuth 2.0 tokens without revealing their credentials to the partner.
Use the following steps to build the customer-facing authentication interface:
- Create the connection and copy the connection ID.
- Configure your customer-facing app to send the following GET call to the connection’s OAuth 2.0 API endpoint:
  GET /v1/connection/:_connectionId/oauth2
- The GET call returns an authorizationURL for you to deliver to the customer via the customer-facing application.
- The customer enters their credentials and is then asked to allow Celigo to access their account and related data. The customer checks the confirmation box and clicks Confirm.
- Celigo securely stores the customer’s authentication token in an encrypted iClient.
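The server side of the steps above, as an added example that is not Celigo's own code: it builds the GET call, then checks the returned authorizationURL before the app hands it to the customer. The base URL, the bearer-token header, the 24-hex-character connection ID format and the JSON response shape are assumptions not stated on this page.

```python
import json
import re
import urllib.request
from urllib.parse import urlsplit

API_BASE = "https://api.integrator.io"  # assumption: base URL is not given on the page
ID_RE = re.compile(r"^[0-9a-f]{24}$")   # assumption: connection IDs are 24 hex characters


def build_request(connection_id, api_token):
    """Build GET /v1/connection/:_connectionId/oauth2 (runs on the partner's server only)."""
    # Reject anything that could alter the request path if the ID came from user input.
    if not ID_RE.fullmatch(connection_id):
        raise ValueError("unexpected connection ID format")
    req = urllib.request.Request(
        f"{API_BASE}/v1/connection/{connection_id}/oauth2", method="GET")
    # assumption: the partner's API token is sent as a bearer token; never ship it to the browser
    req.add_header("Authorization", f"Bearer {api_token}")
    return req


def extract_authorization_url(body):
    """Pull authorizationURL out of the JSON response and sanity-check it."""
    data = json.loads(body)
    url = data.get("authorizationURL") if isinstance(data, dict) else None
    if not isinstance(url, str):
        raise ValueError("response has no authorizationURL")
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("authorizationURL must be an absolute https URL")
    if parts.username or parts.password:
        raise ValueError("authorizationURL must not embed credentials")
    return url


def get_authorization_url(connection_id, api_token):
    """Call the endpoint and return the URL to deliver to the customer."""
    req = build_request(connection_id, api_token)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return extract_authorization_url(resp.read())


# Constructed sample response for offline use; a real response may carry other fields.
SAMPLE_BODY = b'{"authorizationURL": "https://login.example.com/oauth/authorize?state=abc"}'

if __name__ == "__main__":
    print(build_request("5f1e2d3c4b5a69788796a5b4", "PLACEHOLDER_TOKEN").full_url)
    print(extract_authorization_url(SAMPLE_BODY))
```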