- 21 Jan 2022
Establishing an OAuth Provider
- Updated on 21 Jan 2022
Overview
OAuth is an open standard for providing secure delegated access. In short, Decisions can take actions or access resources from a server on behalf of the user without the user having to share their credentials. It does this by allowing the identity provider (IdP) to issue tokens to Decisions with the user's approval. Before using an API with OAuth, two things must first occur: an OAuth Provider must be established, and an OAuth Token must be created. This document describes how to set up an OAuth Provider for proper integration with Decisions.
Adding a Provider
To gain access to OAuth Settings and the ability to create an OAuth Token, users must first establish an OAuth Provider. This is done in the System > Integrations > Providers Folder by selecting the ADD OAUTH PROVIDER button within the Folder.
Once the button is selected, the user may define the Provider's Name and a Description, and then the following Provider Settings. Once all necessary configurations have been made, click SAVE to finish adding the OAuth Provider.
| Setting | Description |
| --- | --- |
| OAuth Version | Defines which version of OAuth is used in the Provider: either OAuth1x or OAuth2. See the section on Version Differences below for further detail. |
| Token Request URL | Used to request a Token from the integrated service. |
| Authorize URL | Enables access to the API. |
| Callback URL | URL that is designated to receive the auth code. Examples: |
| Default Consumer Key | Used as a means to identify the user or service that interacts with the API. |
| Default Consumer Secret Key | Acts in conjunction with the Default Consumer Key as a password to allow access to the API's functions. |
| URL Encode Refresh Token | URL-encodes the refresh token during refresh. |
Version Differences
Though both OAuth1x and OAuth2 have nearly identical Provider Setting options, selecting OAuth2 provides the following additional options for configuration:
- Token Refresh URL (optional): Allows access to the API again after expiration without inputting additional credentials.
- Callback URL: The URL that the API returns to after running, typically to make any data changes or to POST to the API.
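The following added example (not Decisions code) illustrates what the URL Encode Refresh Token setting and the Token Refresh URL imply on the wire: a refresh token containing reserved characters is altered in a form-encoded refresh request unless it is URL-encoded. It assumes the standard OAuth2 refresh request body from RFC 6749, section 6, that the Consumer Key and Secret are sent as client_id and client_secret, and uses a constructed token and hypothetical function names.

```python
from urllib.parse import parse_qs, quote

# Constructed sample refresh token containing characters that are reserved
# in application/x-www-form-urlencoded bodies ('+', '/', '=').
SAMPLE_REFRESH_TOKEN = "1//0gAb+Cd/EfGh=="


def build_refresh_body(refresh_token, client_id, client_secret, url_encode):
    """Build the body of an OAuth2 refresh request (RFC 6749, section 6).

    url_encode models the "URL Encode Refresh Token" provider setting.
    This mapping is an assumption; the product's request code is not shown.
    """
    token = quote(refresh_token, safe="") if url_encode else refresh_token
    fields = [
        ("grant_type", "refresh_token"),
        ("refresh_token", token),
        ("client_id", quote(client_id, safe="")),
        ("client_secret", quote(client_secret, safe="")),
    ]
    return "&".join(f"{key}={value}" for key, value in fields)


def token_seen_by_server(body):
    """Decode the form body the way a token endpoint's form parser would."""
    return parse_qs(body, keep_blank_values=True)["refresh_token"][0]


def survives_transport(refresh_token, url_encode):
    """True when the endpoint receives exactly the token that was issued."""
    body = build_refresh_body(
        refresh_token, "example-key", "example-secret", url_encode
    )
    return token_seen_by_server(body) == refresh_token


if __name__ == "__main__":
    for setting in (False, True):
        body = build_refresh_body(
            SAMPLE_REFRESH_TOKEN, "example-key", "example-secret", setting
        )
        print(f"URL Encode Refresh Token = {setting}")
        print("  server sees:", repr(token_seen_by_server(body)))
        print("  intact:", survives_transport(SAMPLE_REFRESH_TOKEN, setting))
```

A token made only of unreserved characters survives either way, so a refresh that fails only for some tokens is a sign to check this setting.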