Skip to main content

Set up an OAuth 2.0 HTTP connection

Stephen Brandt
  • Updated
Follow
NOTE: Available only in beta....

OAuth 2.0 links: Framework, Standard

OAuth 2.0 is an increasingly common server API authorization protocol. In fact, many built-in integrator.io connections already gain access via OAuth 2.0, and it has become required or preferred by providers like Google, eBay, and Microsoft.

HTTP connections in integrator.io (beta) now feature OAuth 2.0 as a fully customizable authentication type. You can select this option to connect to any OAuth 2.0-compliant app that does not have a standard integrator.io connection, or you can build your own OAuth 2.0 connection for a supported app and exercise finer control over each setting, as described below:

Contents

1. Set up an HTTP connection

Start establishing the universal, or generic, OAuth 2.0 connection in either of the following ways:

  • Select Connections from the Resources menu.

    Next, click + Create connection at the top right. In the resulting Create source panel, select HTTP from the Application list, under the Generic tech connectors group.

    Finally, click the Next button.

  • While working in a new or existing integration, you can add an application to a flow simply by clicking Add source or Add destination. From the Application list, under Generic tech connectors, select HTTP.

    After the HTTP Application is added, click the Connection field’s [+] button to proceed.

With both methods, be sure to provide a clear and distinguishable Name as soon as the connection is created. Throughout integrator.io imports and exports, you will have the option to choose this new connection, and a unique identifier will prove helpful later when selecting among a list of connections that you’ve created.

The OAuth 2.0 HTTP connection will work with a Cloud (remote) or On-premise (network) server; for On-premise, there’s an additional step to specify an agent.

2. Add HTTP connection type: OAuth 2.0

The Edit connection pane next requires an Authentication type. Select OAuth 2.0 from the list.

At this point, in addition to the standard HTTP connection settings, you’re presented with a series of options for modifying the OAuth 2.0 authorization.

3. Edit OAuth 2.0 settings

As with all API connections, the parameters are unique to the vendor’s conventions. Before proceeding, review the developer documentation and your account settings.

OAuth 2.0 setting Values

Grant type (required)

Two types are available:

  • Authorization code – the provided code is obtained by using an authorization server as an intermediary between the client, integrator.io, and resource owner
  • Client credentials – limits the authorization scope to the protected resources under control of the client, or to protected resources previously arranged with the authorization server

You can use the Authorization code to get an access token for web and native apps after you authorize the app, or Client credentials for apps to request an access token on their own behalf.

iClient (required)

Saves your client ID and client secret for an added layer of security. To add a named iClient ID-secret pair, click the [+] button.
 

Callback URL (not editable)

This field is disabled and shown only when the Grant type is Authorization code, as a convenience for you to copy the integrator.io callback URL.

Authentication URL (required)

Enter the endpoint for the API provider’s authorization server where the authorization code is retrieved. This field is available only when the Grant type is Authorization code.

Scopes (optional)

If applicable, provide a list of the scopes of access being requested from the authorization server. By default, a space character delimits multiple scopes.

Scopes are available only when the Grant type is Authorization code.

Scope delimiter (optional checkbox and delimiter)

If you are requesting access to more than one scope and the authorization server expects the list to be delimited by a space character, leave the box This provider uses a scope delimiter other than space unchecked. Otherwise, check this box, and enter a custom delimiter below.

Access token URL (required)

Enter the URL to the endpoint where an authorization code for an access token can be exchanged. In most cases, this URL is also on the authentication server itself.

Client authentication (optional)

Select one of the following options to configure the location where client credentials should be sent at the server:

  • Send as basic auth header
  • Send client credentials in the [request] body

The remaining settings are identical to any other HTTP connection.

4. Save, test, and authorize

Once you have configured the OAuth 2.0 HTTP, you have a few options for continuing:

  • Test – click this button to verify that your new connection is free of errors
  • Save & authorize – click this button to test the connection, commit the new connection so that it will be available to all integrations for your account (and applied to the current source or destination app, if you created it within a flow)
  • Cancel – click this link to exit connection creation without saving

When you request Save & authorize, a new browser window opens to ask you to grant access to integrator.io for the specified scopes. If you allow the request, the refresh token is stored within this connection.

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk