Business Integration Solutions Documentation
OAuth 2.0 Setup
An OAuth 2.0 Security Profile, allows the user to connect to an external system with the use of an OAuth 2.0 Access Token.
Setup Page
Field | Description |
---|---|
Token Name | Unique value to identify the setup |
Grant Type | *Method used in the retrieval of an access token |
Client ID | Value taken from the external app setup |
Client Secret | Value taken from the external app setup |
Redirect URL | Redirect URL where the authorization code is forwarded |
Scope(s) | Scope values to be included in the auhtorization code call |
Client Authentication | Indicates where the authentication value is being send |
Authorization URL | External app endpoint authorization URL |
Access Token URL | External app endpoint access token URL |
Auth. URL Params | Extra parameters to include in the URL when retrieving the authorization code, only applicable for grant type "Authorization Code" |
State | Non editable field, which displays the connection status of your token. Has three values: Default (Empty value), Connected (on a successful access token being retrieved) and Error (for anything that goes wrong when trying to fetch a token) |
Grant Type
- Authorization Code: tries to fetch an access token by retrieving first an authorization code wich requires user input
- Password Credentials: tries to directly fetch an access token using a username/password combination
- Client Credentials: tries to directly fetch an access token using a client id/client secret combination
Usefull links
Azure https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow
Google https://developers.google.com/identity/protocols/oauth2
DropBox https://developers.dropbox.com/oauth-guide
Linkedin https://learn.microsoft.com/en-us/linkedin/shared/authentication/authentication
When a platform identification is required, we recommend to use "web" or "web client" as platform. Due to the various providers, we do not support setup issues when connecting to these parties. If issues arise, we require a functional postman request that works.