Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

Since Web Services expose crucial business information online, their security is critical for the business. You can secure a web service by using a Security Policy activity.

OAuth Authentication is supported for REST Web Service Consumer and Mail activities.

To configure Security Policy with OAuth Authorization, first you need to create OAuth Profile and then OAuth Account. 

OAuth Profile helps to configure the OAuth related parameters like Application credentials, Authorization/Access Token URLs etc. to get the access token from the API provider.

Even before creating the OAuth Profile, you need to register the Adeptia Connect with another application for OAuth authentication and to generate the Client Identifier and Client Secret details. To know how to register an application for OAuth authentication, click here.

Creating an OAuth Profile

Follow the steps below to create OAuth Profile:

  1. Click Configure > ACCOUNTS > OAuth Profile.
  2. Click Create OAuth Profile.
  3. On the Create OAuth Profile screen, provide the name of the new OAuth Profile in the Provide a name for this OAuth profile field.



  4. Enter the values in each field of Access Information.

    Field Name

    Description

    OAuth Version

    The protocol version to use to connect with your OAuth provider.

    OAuth Grant Type

    The way the application should interact with your OAuth provider to obtain access token.

    Client Identifier

    The client identifier issued to the client during the application registration process.

    Client Secret

    The client secret issued to the client during the application registration process.

    Authorization URL The endpoint for authorization server.

    Access Token URL

    The endpoint for authentication server.

    Scope

    The scope of the access request. The access token issued to the application will be limited to the scopes granted.

    Callback URLThe callback URL that you will be redirected to, after the application is authorized. You have to use this URL for Callback URL/Redirect URI fields during app registration process.

    Select Project

    Select the Project from drop-down list of Select Project.

  5. Expand Other Settings to view the advanced properties of OAuth Profile.



    Field Name

    Description

    Authorization Request Query ParametersThe Parameters (other than standard OAuth Parameters) to be sent into the authorization requests. Specify the comma separated list of key value pairs. Ex. param1=value1,param2=value2.
    Authorization Request Headers The Headers (other than standard OAuth Headers) to be sent into the authorization requests. Specify the comma separated list of key value pairs. Ex. param1=value1,param2=value2.

    Access Token Request Query Parameters 

    Enter the Access Token Request Query Parameter.

    The parameters (other than standard OAuth parameters) to be sent into the access token requests. Specify the comma separated list of key value pairs. Ex. param1=value1, param2=value2.

    Access Token Request HeadersThe Headers (other than standard OAuth Headers) to be sent into the access token requests. Specify the comma separated list of key value pairs. Ex. param1=value1,param2=value2.

    Access Token Key Name in Token Response

    The key name to use while extracting access token from token response.

    Refresh Token Key Name in Token ResponseThe key name to use while extracting refresh token from token response.

    Token Response Body Parameters to be fetched

    The extra parameters to be captured from token response.

    Token Response Query Parameters to be fetched

    The extra parameters to be captured from token response query parameters.

    Send Access Token as

    Specify how the access token is to be sent into requests. The tokens can be sent as header or query param.

    Access Token Key Name in API request

    The Token Key Name to be sent into API requests. For ex: the value AUTH_TOKEN will be sent as AUTH_TOKEN: Bearer XXXXXXXX (in case of Header param).

    Or AUTH_TOKEN=XXXXXXXX (in case of Query param).

    Access Token Type in API request 

    The token Type to be sent into API requests. For ex: the value Bearer will be sent as: Authorization: Bearer XXXXXXXX.

  6. Click Save.

Important

If you edit an Authorization Code Grant or Implicit Grant type of Oauth Profile, the associated Oauth Account will no longer work. You would need to create a fresh Oauth Account to associate with the updated Oauth Profile.

Once OAuth Profile is created, you can now create OAuth Account to generate Access Token.

Creating an OAuth Account

Follow the steps below to create an OAuth Account:

  1. Click Configure > ACCOUNTS > OAuth.
  2. Click CREATE OAuth account.
  3. On the Create OAuth Account window, provide the name of the OAuth Account in the Provide a name for this OAuth account field.



  4. Select the Use In Mail Activity check box if you want to use this OAuth Account for mail services. 

  5. In the User Id field, enter the User Id.

    This User Id field appears only when you have selected the Use In Mail Activity check box.
  6. Select the OAuth Profile that you have created from the drop-down list of Select OAuth Profile to use for this account field.

    Or, you can also create a new OAuth Profile by clicking .
  7. Select the Project from drop-down list of Select Project.

  8. Click Get Access Token and Save.

    To fetch the access token, login with the same user Id that you have used in the step 5.

    This creates your OAuth Account in Adeptia Connect.

You may be interested in...
What's new
Best practices
Training guides
Frequently asked questions
Adeptia Connect APIs
Adeptia security report
  • No labels