GrantType Questions

[damascenaluiz]

I am trying to implement authentication with OAuth but I am experiencing problems initially in these two situations:

1 - The framework I'm using to build the API says the following:

Tokens are refreshed through the same endpoint, but with a payload that only contains the refresh token and grant_type=refresh_token.

grant_type=refresh_token&refresh_token=kjasdiuz9u3namnsd

How can I handle this?

2 - What would be the best way to enter customer and service settings (eg client id, endpoint, secret) without placing them directly in the code. I would like to use the same code for different requests and users, configuring without being directly in the code.

Thanks for all,

[erickoledadevrel]

In regards to #1, that's completely normal for OAuth2 providers. When you call .setTokenUrl('...') you are setting the URL to be used for both exchanging a code for a token and for refreshing tokens. The library handles all of the refresh logic for you.

For #2, it's usually best to have a single client ID for your code rather then require every user to register their own. If not possible or feasible, then you could build a UI for your script that allows the user to enter the information and then you store it in user properties.

[damascenaluiz]

Okay, I had problems with the construction of the connector using the OAUth flow steps but I think that due to specific API issues I'm using.

Thanks for this.