Articles in this section

Set up an OAuth 1.0 connection to Magento 2

Magento is an open-source eCommerce platform with features like order management, business intelligence, and shipping.

Magento 2 documentation: API guide , Authentication

A. Set up a Magento 2 connection

Start establishing a connection to Magento 2 in either of the following ways:

  • From the Resources menu, select Connections. Then, click + Create connection at the top right.

    – or –

  • While working in a new or existing integration, you can add an application to a flow simply by clicking Add source or Add destination/lookup.

In the resulting Application list, select Magento 2.

List.png

The Create connection panel opens with the required and advanced settings.

B. Provide required Magento 2 application details

At this point, you’re presented with options for providing Magento 2 authentication.

MagentoN.png

Name (required): Provide a clear and distinguishable name. Throughout integrator.io imports and exports, you will have the option to choose this new connection, and a unique identifier will prove helpful later when selecting among a list of connections that you’ve created.

Application (required, non-editable): A reminder of the app you’re editing.

Mode (required): Select one of the following options:

  • Cloud to connect to a publicly accessible server application

  • On-premise to connect to a server that is publicly inaccessible and has integrator.io agent installed on it

Agent (required, if On-premise selected for Mode; otherwise not displayed): Select an agent from the list. To connect to an on-premise application, integrator.io requires that an agent be installed on a networked computer. An agent is a small application that allows you to connect to data behind your firewall. When installing an agent, you will specify a unique access token, which then populates the Agent drop-down list. The installed agents connect to integrator.io and establish a reverse SSH tunnel, allowing secure communication without the need to whitelist integrator.io IP addresses in your firewall settings. A single agent can be used by multiple different connections.

Authentication type (required): Select OAuth 1.0 as the authentication type for this connection (the token option is described separately).

Base URI (required): Enter the base URI of your Magento 2 account. You can locate this URL in the address bar after you sign in to your Magento 2 account. For example, if your account is located at http://123.12.12.1/xyz/admin, then replace admin with rest and enter the base URI as http://123.12.12.1/xyz/rest.

Signature method (required): Select the required method to sign the API call:

  • HMAC-SHA1

  • HMAC-SHA256

  • HMAC-SHA512

  • RSA-SHA1

  • RSA-SHA256

  • RSA-SHA512

  • PLAINTEXT

Consumer key (required): Enter your consumer key. The consumer uses this value to identify itself to the service provider. This is enabled and required for all the Signature methods.

Consumer secret (required): Enter your consumer secret. The consumer uses this password to establish ownership of the consumer key. This is enabled and required when Signature method is HMAC-SHA1, HMAC-SHA256, HMAC-SHA512, or PLAINTEXT. Multiple layers of protection, including AES 256 encryption, are in place to keep your secret safe. When editing this connection, you must re-enter this value each time; it is stored only when the connection is saved and never displayed as text.

Access token (required): Enter the access token. The consumer uses this token to gain access to the protected resources on user's behalf. This is enabled and required for all the Signature methods. Multiple layers of protection, including AES 256 encryption, are in place to keep your token safe. When editing this connection, you must re-enter this value each time; it is stored only when the connection is saved and never displayed as text.

Token secret (required): Enter the token secret. The consumer uses this secret to establish ownership of a provided token. This is enabled and required when Signature method is HMAC-SHA1, HMAC-SHA256, HMAC-SHA512, or PLAINTEXT. Multiple layers of protection, including AES 256 encryption, are in place to keep your secret safe. When editing this connection, you must re-enter this value each time; it is stored only when the connection is saved and never displayed as text.

Consumer private key (required): Enter the consumer private RSA key. This key is used to sign the API call request. This is enabled and required when Signature method is RSA-SHA1, RSA-SHA256, or RSA-SHA512

Realm (optional): Enter the realm value.

How to retrieve consumer key, consumer secret, access token, and access token secret

 

  1. Sign in to your Magento 2 account.

  2. Navigate to System > Extensions > Integrations.

  3. Click Add new integration. For more information, see OAuth-based authentication.

  4. Enter a Name.

  5. Enter an Email.

  6. Enter Callback URL.

  7. Enter Identity link URL.

  8. Enter your Magento 2 account password.

  9. Click Save and activate.

  10. In the API tab, add the required permissions.

  11. Click Allow. The Integration tokens for extension page opens.

  12. Copy Consumer key.

  13. Copy Consumer secret.

  14. Copy Access token.

  15. Copy Access token secret.

Main.png

C. Edit advanced Magento 2 settings

Before continuing, you have the opportunity to provide additional configuration information, if needed, for the Magento 2 connection.

{{img class=screenshot-frame id=4}}

NOTE: Selecting another app changes form...

D. Test the connection

Once you have configured the Magento 2 connection, you have a few options for continuing:

  • Save – click this button to test the connection, commit the new connection so that it will be available to all integrations for your account

  • Save & close – click to test and save the connection and exit the Create connection panel

  • Close – click to exit without saving any new changes

  • Test connection – click this button to verify that your new connection is free of errors

When you test or save the connection, it is verified before continuing.

Test.png

The new connection is now successfully added to your account. It will be applied to the current source or destination app if you created it within a flow. Otherwise, you may proceed to register the connection with an integration.