Using OAuth with REST Integration
  • 28 Mar 2024

Overview 

When creating a REST Integration Service, Decisions offers a number of authentication types to give access to the Server being integrated with, without having to provide login or account information each time. One such feature is the use of OAuth. OAuth is an open standard for providing secured delegated access. The following document discusses how to use OAuth in conjunction with a REST Service. 

Version 8 Endpoints for SAML, OpenID, and OAuth:
  • LoginURL - [base]:[port]/Login 
  • LogoutURL - [base]:[port]/Logout 
  • SAML - [base]:[port]/SAML/AssertionConsumer 
  • TokenHandler - [base]:[port]/HandleTokenResponse
An example of an endpoint that would appear in the address bar -> localhost:81/Logout 
The port number is only needed if Decisions is installed to a non-standard port, which would be anything other than port 80 for HTTP or port 443 for HTTPS.

Establishing a Provider

To gain access to OAuth Settings and the ability to create an OAuth Token, users must first establish an OAuth Provider.  This setting is established by navigating to System > Integrations > OAuth > Providers and selecting the ADD OAUTH PROVIDER button within the Folder. 

Once selected, the user may define the Provider's Name and a Description. Once that is complete, the user must define the following Provider Settings:

| Setting Name | Description |
|---|---|
| OAuth Version | Allows the user to define which version of OAuth is used in the Provider; either OAuth1x or OAuth2. |
| Token Request URL | Allows the ability to request a Token from the Integrated Service. |
| Token Refresh URL (Optional) | Allows the ability to access the API after expiration without inputting additional credentials. |
| Authorize URL | Enables access to the API. |
| Callback URL | The URL that the API returns to after running, typically to make any data changes or to POST to the API. |
| Default Consumer Key | Used as a means to identify the user or service that interacts with the API. |
| Default Consumer Secret Key | Acts in conjunction with the Default Consumer Key as a password to allow access to the API's functions. |
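
The following is an added example, not Decisions code: a pre-flight check that builds the Version 8 endpoints listed above (dropping the port when it is the standard one) and reviews a set of Provider Settings before they are entered. The function names, the dict layout, the example.test hosts, the use of the TokenHandler endpoint as the Callback URL, and the plain-HTTP warning are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Endpoint paths listed in this article for Version 8.
ENDPOINT_PATHS = {"LoginURL": "/Login", "LogoutURL": "/Logout",
                  "SAML": "/SAML/AssertionConsumer",
                  "TokenHandler": "/HandleTokenResponse"}
DEFAULT_PORTS = {"http": 80, "https": 443}
REQUIRED = ["OAuth Version", "Token Request URL", "Authorize URL", "Callback URL",
            "Default Consumer Key", "Default Consumer Secret Key"]
URL_FIELDS = ["Token Request URL", "Token Refresh URL", "Authorize URL", "Callback URL"]


def decisions_endpoints(scheme, host, port=None):
    """Build the endpoints, leaving the port out when it is the scheme's standard one."""
    netloc = host if port in (None, DEFAULT_PORTS[scheme]) else f"{host}:{port}"
    return {name: f"{scheme}://{netloc}{path}" for name, path in ENDPOINT_PATHS.items()}


def check_provider(settings):
    """Return findings for a dict keyed by the Provider Settings names (hypothetical helper)."""
    findings = [f"{name}: missing" for name in REQUIRED
                if not (settings.get(name) or "").strip()]
    if settings.get("OAuth Version") not in (None, "", "OAuth1x", "OAuth2"):
        findings.append("OAuth Version: must be OAuth1x or OAuth2")
    for name in URL_FIELDS:
        value = settings.get(name) or ""
        if not value:
            continue  # Token Refresh URL is optional; other gaps are reported above
        parts = urlsplit(value)
        if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
            findings.append(f"{name}: not an absolute http(s) URL")
        elif parts.scheme == "http" and parts.hostname not in ("localhost", "127.0.0.1"):
            findings.append(f"{name}: plain HTTP exposes tokens and secrets in transit")
    return findings


if __name__ == "__main__":
    # Constructed sample values; none come from a real provider.
    # Assumption: the Callback URL points at the TokenHandler endpoint.
    callback = decisions_endpoints("https", "decisions.example.test")["TokenHandler"]
    sample = {"OAuth Version": "OAuth2",
              "Token Request URL": "http://idp.example.test/oauth/token",
              "Authorize URL": "https://idp.example.test/oauth/authorize",
              "Callback URL": callback,
              "Default Consumer Key": "constructed-key",
              "Default Consumer Secret Key": "constructed-secret"}
    print(decisions_endpoints("http", "localhost", 81)["LogoutURL"])
    for finding in check_provider(sample):
        print(finding)
```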

OAuth Settings

After establishing a Provider, OAuth Settings can be used with a REST Integration by scrolling to the Authentication Settings in the Add REST Service screen that appears when a user creates a new REST Service via the CREATE DATATYPES/INTEGRATION button in a Designer Folder.

From the Authentication Settings, toggling Use OAuth Settings triggers the appearance of the OAuth Panel below. 

The OAuth Panel provides users with the following three options for OAuth:

  1. Use Custom Tag in Auth Header (OAuth is Default): Allows the user to input a custom OAuth Header Tag.
  2. Use Static OAuth Token: Provides the user a drop-down menu that allows the user to select a pre-made OAuth Token. Without this enabled, the Token will be available as the Input.
    Use Static OAuth Token Considerations:
    • The OAuth Token drop-down requires at least one pre-configuration of an OAuth Token. To properly create and set up an OAuth Token, see Creating OAuth Tokens.
    • It is advised to use a Dynamic Token rather than a Static one. Dynamic Tokens are different every time, much like how authentication codes change every ten seconds with Two-Factor Authentication. This helps improve security for the OAuth Token. 
  3. Direct OAuth1 Signed Request: Requires the Consumer Key, Initial Token Data, PFX Filename, and PFX Password.

For further information on Integrations, visit the Decisions Forum.
