Skip to main content

O-AUTH V2

O-Auth v2 is an open standard for authorization that allows you to grant third-party applications access to their accounts without sharing passwords. This type of user authentication is more secure than traditional password-based authentication, and is used for social media logins, such as using your Facebook or Google account to access a website.

For integrations that support the O-Auth v2 authentication type, you must authenticate on behalf of the client application and grant the requested permissions.

When you create a credential using O-Auth v2, you need to provide the following information in the Add Credentials dialog:

  • Name: Enter a name specific to the integration.
  • Description: Enter a brief description outlining the purpose of the integration.
  • Integration: Select the integration for which the credentials are being created.
  • Authentication Type: Select the authentication type as O-Auth v2.
  • Config Services: This section allows the configuration of services within the following categories:
    • Token Validation Service
    • User Id Mapper Service
    • Action Call back Parser Service
    • Webhook Parser Service
    • Webhook Event Verification Service
  • Grant Type:
    • Auth Code: This type uses an authorization code to authorize and obtain an access token from the authorization server.
    • Password: This type relies on the user's credentials to authorize and acquire an access token from the authorization server.
    • Client Credentials: This type utilizes the client ID and client secret to authorize and obtain an access token from the authorization server.
  • Client Id: The client ID that was issued to your application by the integration.
  • Client Secret: The client secret that was issued to your application by the integration.
  • Base URI: The base URI of the integration's API.
  • Authorization URL: The URL that will be used to obtain an authorization code.
  • Token URL: The URL that will be used to exchange an authorization code for an access token.
  • Redirect URI: The URL that will be used to redirect users after they have authenticated with the integration.
  • Scopes: The scopes that your application needs to access the integration's API.
  • Response Type: The type of response that you expect from the authorization server.

Top of page