OAuthToken Connection
Access level: read
OAuth 2.0 is an authorization framework and an open standard for access delegation that is used by a variety of HTTP service providers. This connection type provides an access token for an HTTP service using the OAuth 2.0 standard. It can also be referenced in REST connections with authentication method "Token", but there are some limitations.
With OAuth connections, one authorization request can be performed during execution and can be used for several subsequent REST calls. The result of this connection is JSON and can be consumed directly by a JSON extract.
In an OAuthToken Connection's successful response, the authorization server issues an access token and an optional refresh token. The authorization server constructs the response by adding parameters to the entity-body of the HTTP response.
According to the specification "The OAuth 2.0 Authorization Framework", a successful response requires the access_token and token_type parameters. The expires_in parameter is recommended; the refresh_token and scope parameters are optional.
Connection settings
To obtain details such as Client ID, Client Secret, etc., refer to Microsoft's documentation on Application ID.
Token endpoint | The URL address of the source data, e.g. https://abc.example.com/resource | |
Authentication method | auth2ClientCredential | Grant type "Client Credentials". Requires three parameters:
These parameters are described below. |
oauth2PasswordCredential | Grant type "Resource Owner Password Credentials". Requires two additional parameters: |
oauth2RefreshToken | Grant type "Refreshing an Access Token". Requires 1 additional parameter: refresh token, described below. |
Client ID | A unique string representing the registration information provided by the client. | |
Client secret | Client secret key known only to the application and the authorization server. The secret key must be entered decoded; all required encoding will be done by our system. | |
Access token scope | Optional specification of the scope of the access request. This value is expressed as a list of space-delimited, case-sensitive strings defined by the authorization server. | |
Client authentication type | basicAuthHeader | The client credentials are included in the request header, using the HTTP basic authentication scheme. |
body | The client credentials are included in the request body. | |
Refresh token | There are two ways of specifying the refresh token parameter: | |
Additional request parameters | The Request parameters of the web service; required for GET method. The Request parameter can be anything, as it is specific to the URL used. For example, you may be required to authorize access to the Azure Active Directory web applications using the OAuth 2.0 code grant flow. | |
SSL mode | verify | checks the certificate; if response is OK, the certificate is validated. |
trust | imports the certificate to the keystore, if not yet available | |
off | no SSL is used |
Timeout (in s) | The timeout of the web service request in seconds. | |
Ignore cookies policy | By default (unchecked), a warning ("Cookie rejected") appears when the HTTP call breaks a cookie policy. For example, this can be caused by an incorrect domain in the set-cookie header. The OAuth connection will nevertheless return a result. If the option is checked, the warning will not appear. |
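The following added example (not part of the original documentation and not the product's own code) shows, following RFC 6749, how a "Client Credentials" token request differs between the basicAuthHeader and body client authentication types, and how the required response parameters can be checked. The function names, client values and sample response are constructed for illustration.

```python
import base64
import json
from urllib.parse import quote_plus, urlencode

def build_token_request(client_id, client_secret, auth_type, scope=None):
    """Return (headers, body) for a client-credentials token request.

    auth_type mirrors the "Client authentication type" setting:
    "basicAuthHeader" or "body". The secret is passed in decoded form.
    """
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    form = {"grant_type": "client_credentials"}
    if scope:
        form["scope"] = scope  # space-delimited, case-sensitive strings
    if auth_type == "basicAuthHeader":
        # RFC 6749 section 2.3.1: form-encode each value, then Base64 the pair.
        pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
        headers["Authorization"] = "Basic " + base64.b64encode(pair.encode()).decode()
    elif auth_type == "body":
        # Credentials travel as form fields; urlencode() encodes them.
        form["client_id"] = client_id
        form["client_secret"] = client_secret
    else:
        raise ValueError(f"unknown client authentication type: {auth_type}")
    return headers, urlencode(form)

def parse_token_response(raw):
    """Check a token response body against RFC 6749 section 5.1."""
    data = json.loads(raw)
    missing = [k for k in ("access_token", "token_type") if not data.get(k)]
    if missing:
        raise ValueError("token response missing: " + ", ".join(missing))
    return {
        "access_token": data["access_token"],         # required
        "token_type": data["token_type"],             # required
        "expires_in": data.get("expires_in"),         # recommended
        "refresh_token": data.get("refresh_token"),   # optional
        "scope": data.get("scope"),                   # optional
    }

# Constructed sample response, not output from a real authorization server.
SAMPLE_RESPONSE = '{"access_token": "example-token", "token_type": "Bearer", "expires_in": 3600}'

if __name__ == "__main__":
    print(build_token_request("my-client", "s3cr:t/+", "basicAuthHeader", "read"))
    print(build_token_request("my-client", "s3cr:t/+", "body"))
    print(parse_token_response(SAMPLE_RESPONSE))
```

With either type the client secret is part of the request, so it is only protected in transit when the token endpoint is reached over TLS with certificate verification.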
Updated September 27, 2024