Create connections to Adobe Commerce Cloud using OAuth1.0a
Good afternoon everyone,
In version 2.4.4, Adobe Commerce (formerly known as Magento) is deprecating the use of token-based authentication for its REST API. The feature will still exist BUT will be disabled by default. It's only a matter of time before Adobe removes it completely
Since version 2.4.3 will reach its end of life by November 28th 2022, this means that every integrator.io client integrating with an Adobe Commerce platform REST API will need to either re-enable the setting against Adobe's best practices or change it's connections to support OAuth1.0a
To make things more complicated, Celigo's Magento 2 connector is not supporting OAuth1.0a (it's not supporting the usage of the bulk API either but that's a topic for another discussion)
Since we still have time until the end of November, I'm willing to try switching to an OAuth1.0a connexion. That said, the documentation provided by Celigo left me rather confused about what needs to be done
I'm mostly referring to this article: https://docs.celigo.com/hc/en-us/articles/360050836031-Set-up-a-wrapper-connection
Has anyone attempted this before ?
Comments
Hi Philippe Foisy,
the doc link you added is not belongs to the Magento 2 connection.
If you are migrating to 2.4.4, you need to run a single command to restore the Integration token behaviour. once you enable the Integration token to be used as an API token in your server, you can configure the connection by providing an Integration token.
We are waiting for Adobe to support OAuth 2.0 as very less server use Oauth1.0. until then we recommend our customers to use Token-based Auth only.
Hi Sanjay,
You are right, the link I included in my post is of Celigo's documentation about a recommended workaround when connecting with oAuth1.0a is required.
For example, if the API doesn't allow REST or HTTP-based connections or requires you to use OAuth 1.0 authentication (which is not supported by the HTTP universal connector), use a wrapper.
Regarding that "single-command" you mention, you are also right and we do consider this solution to be a viable temporary workaround. That said, Adobe describes it as being perceived to be unsecured. Reading between the lines makes us believe they might remove the feature at one point.
We would rather be prepared and seek out an alternative connection mechanism than be stuck with broken connections.
Regarding Adobe Commerce adoption of oAuth2.0. I would not bet on it soon and meanwhile, oAuth1.0a is the mechanism they support...
Regards
We just ran into the same issue so thank you for asking this question! I agree with you that we shouldn't bet on Adobe supporting oAuth2.0 anytime soon.
Please sign in to leave a comment.