Establishing an OAuth Provider
  • 16 Feb 2022

Overview 

OAuth is an open standard for providing secure delegated access. In short, Decisions can take actions or access resources from a server on behalf of the user, without the user having to share their credentials. It does this by allowing the identity provider (IdP) to issue tokens to Decisions with the user's approval. Before using an API with OAuth, two things must first occur: an OAuth Provider must be established, and an OAuth Token must be created. This document discusses the method used to set up an OAuth Provider for proper integration with Decisions.

The following document ONLY discusses Provider setup. For information on Creating Tokens for an OAuth Integration, see Creating OAuth Tokens.

Adding a Provider

Note that the following discusses the required configurations for an OAuth Provider. For assistance in finding the specific required parameters for an OAuth Provider, consult the documentation or Developer settings for the specific service being integrated with Decisions.

To gain access to OAuth Settings and the ability to create an OAuth Token, users must first establish an OAuth Provider. This is done in the System > Integrations > Providers Folder by selecting the ADD OAUTH PROVIDER button within the Folder.

Once selected, the user may define the Provider's Name and a Description, followed by the Provider Settings below. Once all necessary configurations have been made, click SAVE to finish adding the OAuth Provider. The following settings are required to create a provider.

  • OAuth Version: Allows the user to define which version of OAuth is used in the Provider; either OAuth1x or OAuth2. See the section on Version Differences below for further detail.
  • Token Request URL: Allows the ability to request a Token from the Integrated Service.
  • Authorize URL: Enables access to the API.
  • Callback URL: URL that is designated to receive auth code. Example: {BasePortalURL}/HandleTokenResponse
  • Default Consumer Key: Used as a means to identify the user or service that interacts with the API.
  • Default Consumer Secret Key: Acts in conjunction with the Default Consumer Key as a password to allow access to the API's functions.
  • URL Encode Refresh Token: URL Encodes refresh token during refresh.


Version Differences 

In addition to offering different configuration options, the selected OAuth version must be compatible with the OAuth Server. For more information, see the documentation for the specific Server being integrated with, that Server's Settings, or the Key/Token locations for the App.

Though both OAuth1x and OAuth2 have nearly identical Provider Setting options, selecting OAuth2 provides the following additional options for configuration: 

  • Token Refresh URL (optional): This allows the ability to access the API again after expiration, without inputting additional credentials.
  • Callback URL: The URL that the API returns to after running, typically to make any data changes or to POST to the API.
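
Why the URL Encode Refresh Token setting matters when a Token Refresh URL is configured, as an added example (not Decisions' own code): an OAuth2 refresh request carries its parameters as a form-encoded body, so a refresh token containing `+`, `/` or `=` reaches the server altered unless it is percent-encoded. The token, key and secret are constructed sample values, the function names are hypothetical, and how Decisions itself builds the request is assumed rather than documented here.

```python
from urllib.parse import quote, parse_qs

# Constructed sample values, not real credentials.
REFRESH_TOKEN = "1//0gAbc+Def/GhiJkl=="
CONSUMER_KEY = "example-consumer-key"
CONSUMER_SECRET = "example-consumer-secret"


def build_refresh_body(refresh_token, consumer_key, consumer_secret, url_encode):
    """Build an application/x-www-form-urlencoded refresh request body.

    url_encode stands in for the 'URL Encode Refresh Token' provider
    setting (assumed behaviour): when False, the token is written into
    the body exactly as it was stored.
    """
    token_value = quote(refresh_token, safe="") if url_encode else refresh_token
    fields = [
        ("grant_type", "refresh_token"),
        ("refresh_token", token_value),
        ("client_id", quote(consumer_key, safe="")),
        ("client_secret", quote(consumer_secret, safe="")),
    ]
    return "&".join(f"{name}={value}" for name, value in fields)


def token_seen_by_server(body):
    """Decode the body the way a form parser on the token endpoint would."""
    return parse_qs(body, keep_blank_values=True)["refresh_token"][0]


def refresh_token_survives(refresh_token, url_encode):
    """True when the server decodes the same token that was stored."""
    body = build_refresh_body(refresh_token, CONSUMER_KEY, CONSUMER_SECRET, url_encode)
    return token_seen_by_server(body) == refresh_token


if __name__ == "__main__":
    for setting in (True, False):
        body = build_refresh_body(REFRESH_TOKEN, CONSUMER_KEY, CONSUMER_SECRET, setting)
        print(f"URL Encode Refresh Token = {setting}")
        print(f"  body sent      : {body}")
        print(f"  server decodes : {token_seen_by_server(body)!r}")
        print(f"  token intact   : {refresh_token_survives(REFRESH_TOKEN, setting)}")
```

A refresh that fails with an invalid-token error while the initial token request succeeds is a typical symptom of this mismatch. Tokens made only of letters, digits, `-`, `.`, `_` and `~` are unaffected by the setting.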
