Authentication :: User Credentials [OAuth]
Description
OAuth App must be created in Microsoft Azure AD. These settings typically found here https://docs.microsoft.com/en-us/graph/auth-register-app-v2.
[API Help..]
Instructions
Firstly, login into Azure Portal and there create an OAuth application:
- Go to Azure Portal and login there.
- Then go to Azure Active Directory.
- On the left side click menu item App registrations
- Then proceed with clicking New registration.
- Enter a name for your application.
- Select the account types to support with the Supported account types option.
- In Redirect URI, select Web.
- In the textbox enter https://zappysys.com/oauth as the Redirect URI or another valid redirect URL.
- Use this same Redirect URI in the Redirect URL - Must Match App Redirect URL grid row.
- Copy Client ID and paste it into the API Connection Manager configuration grid in the Client ID row.
- Click on the Endpoints link and copy the OAuth 2.0 authorization endpoint (v2) URL to the Authorization URL grid row. Usually it looks similar to this:
- https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/authorize
- Copy the OAuth 2.0 token endpoint (v2) URL to the Token URL grid row. Usually it looks similar to this:
- https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/token
- Close "Endpoints" popup and create a Client Secret in the Certificates & secrets tab.
- Proceed by clicking New client secret and setting expiration period. Copy the client secret and paste it into configuration grid in Client Secret row.
- Now lets setup permissions for the app. Click on API Permissions and on the page click Plus Sign Add Permission
- Click on Microsoft Graph API and then choose Delegated Permissions
- on Permission list page search or choose permissions as needed. We need to enable following Permissions from 3 Sections (i.e. OpenId Permissions, Mail Permissions and Users Permissions).
- Make sure you have checked below permissions (If you do not need Write feature then you can skip Write scopes)
offline_access
email
openid
profile
Mail.Read
Mail.Read.Shared
Mail.ReadBasic
Mail.ReadBasic.Shared
Mail.ReadWrite
Mail.ReadWrite.Shared
Mail.Send
Mail.Send.Shared
User.Read
User.ReadBasic.All
- Click Generate Token to generate tokens.
- That's it!
Parameters
Parameter |
Label |
Required |
Options |
Description |
Help |
AuthUrl |
Authorization URL |
YES |
Option |
Value |
https://login.microsoftonline.com/common/oauth2/v2.0/authorize |
https://login.microsoftonline.com/common/oauth2/v2.0/authorize |
https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/authorize |
https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/authorize |
|
|
|
TokenUrl |
Token URL |
YES |
Option |
Value |
https://login.microsoftonline.com/common/oauth2/v2.0/token |
https://login.microsoftonline.com/common/oauth2/v2.0/token |
https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/token |
https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/token |
|
|
|
ClientId |
Client ID |
YES |
|
|
|
ClientSecret |
Client Secret |
NO |
|
|
|
RefreshTokenFilePath |
Refresh Token File Path |
NO |
|
If you cant fit long refresh token in ConnectionString from your program then use this. Supply three properies in json format (i.e. save this in file { "access_token": "YOUR_ACCESS_TOKEN", "refresh_token": "YOUR_REFRESH_TOKEN", "expires_in": 3600 } )
|
|
Scope |
Scope |
YES |
Option |
Value |
offline_access |
offline_access |
email |
email |
Mail.Read |
Mail.Read |
Mail.Read.Shared |
Mail.Read.Shared |
Mail.ReadBasic |
Mail.ReadBasic |
Mail.ReadBasic.Shared |
Mail.ReadBasic.Shared |
openid |
openid |
profile |
profile |
User.Read |
User.Read |
User.ReadBasic.All |
User.ReadBasic.All |
Mail.ReadWrite |
Mail.ReadWrite |
Mail.ReadWrite.Shared |
Mail.ReadWrite.Shared |
Mail.Send |
Mail.Send |
Mail.Send.Shared |
Mail.Send.Shared |
|
Permissions you want to use.
|
|
ReturnUrl |
ReturnUrl - Must Match App Redirect URL |
NO |
Option |
Value |
https://zappysys.com/oauth |
https://zappysys.com/oauth |
|
The ReturnUrl must match the URL on the Authentication page for your Application (in Azure Portal)
|
|
RetryMode |
RetryMode |
NO |
Option |
Value |
None |
None |
RetryAny |
RetryAny |
RetryWhenStatusCodeMatch |
RetryWhenStatusCodeMatch |
|
|
|
RetryStatusCodeList |
RetryStatusCodeList |
NO |
|
|
|
RetryCountMax |
RetryCountMax |
NO |
|
|
|
RetryMultiplyWaitTime |
RetryMultiplyWaitTime |
NO |
|
|
|
ExtraAttributesForAuthRequest |
Login Prompt Option |
NO |
Option |
Value |
None |
|
Force login prompt |
prompt=login |
Force permission select |
prompt=consent |
|
Choose this if you want to force login prompt or permission prompt.
|
API Help |