OAUTH 2.0 Authentication
This page describes different OAuth2 Authentication setups, covering several prevalently used services. This page also attempts to show how to interpret the web pages describing the authentication.
- Salesforce is a CRM/Cloud Application Platform.
- Short messaging service, used by Narcissists and shouty people.
- A payment gateway.
Once the client id and secret are known we can start setting up our OAuth settings in IMan.
The salesforce documentation describes the request:
Unfortunately the documentation neglects to mention how these parameters are to be passed; though a quick search through the documentation shows that Url-encoding is commonly being used.
The documentation also provides an example response:
We can see from the response that for a successful authorisation we require a request like this:
POST https://login.salesforce.com/services/oauth/token HTTP/1.1
Accept: application/json; charset=utf8
client_id=[some client id]
Configuring IMan to create an authorisation requests such as this is a straight forward and achieved via the IMan setup screen.
Lets have a look at the required request and where these options will map into the setup screen:
The token request settings:
As you can see the diagram on this workflow matches the implicit grant (two legged) description above:
An example token request for twitter is shown below:
POST http://api.twitter.com/oauth2/token HTTP/1.1
Authorization: Basic eHZ6MWV2RlM0d0VFUFRHRUZQSEJvZzpMOHFMdzhpRUo4OERSZHlPZw==
Configuring a token request in IMan
The setup was exclusively derived from the API documentation.
We recommend creating a sandbox account first.
The Client ID is the Client ID from the App Setup; the Client Secret is the Secret.