Authentication :: User Credentials [OAuth]
Contents
Description
OAuth App must be created in Microsoft Azure AD. These settings typically found here https://docs.microsoft.com/en-us/graph/auth-register-app-v2.
Instructions
Firstly, login into Azure Portal and there create an OAuth application:
-
Login to Azure Portal:
- Navigate to the Azure Portal and log in using your credentials.
-
Access Azure Active Directory:
- In the left-hand menu, click on Azure Active Directory.
-
Register a New Application:
- Go to App registrations and click on New registration.
- Application Name: Enter a name for your application.
- Supported Account Types: Choose the account types your app will support. For example, select Accounts in this organizational directory only if you need access to data in your organization only.
- Redirect URI:
- Set the type to Web.
- In the textbox enter https://login.microsoftonline.com/common/oauth2/nativeclient as the Redirect URI or any other valid redirect URL, e.g., https://zappysys.com/oauth.
- Use this Redirect URI in the Redirect URL grid row.
-
Save Client ID:
- After registering the app, copy the Application (client) ID and paste it into the Client ID field in the API Connection Manager configuration.
-
Set Authorization & Token URLs:
- Click on the Endpoints link in the App registration overview.
- Authorization URL: Copy the OAuth 2.0 authorization endpoint (v2) URL (e.g.,
https://login.microsoftonline.com/{your-tenant-id}/oauth2/v2.0/authorize
) and paste it into the Authorization URL field in the configuration grid. - Token URL: Copy the OAuth 2.0 token endpoint (v2) URL (e.g.,
https://login.microsoftonline.com/{your-tenant-id}/oauth2/v2.0/token
) and paste it into the Token URL field.
-
Create a Client Secret:
- In the Certificates & secrets tab, click New client secret.
- Set an expiration period for the secret.
- Copy the generated client secret and paste it into the Client Secret field in the API Connection Manager configuration.
-
Configure API Permissions:
- Go to the API Permissions section.
- Click on Add a permission, select Microsoft Graph, and choose Delegated Permissions.
- Add the required permissions:
- offline_access
- Files.Read
- Files.Read.All
- Files.ReadWrite
- Files.ReadWrite.All
- openid
- profile
- Sites.Read.All
- Sites.ReadWrite.All
- User.Read
- Grant Admin Consent for the permissions that require it.
-
Generate Tokens:
- Use the Generate Token feature in the API Connection Manager to generate authentication tokens.
-
Use a Generic Account for Automation:
NOTE: If you are planning to use your current data connection/token for automated processes, we recommend that you use a generic account for token generation when the login box appears (e.g. sales_automation@mycompany.com instead of bob_smith@mycompany.com). When you use a personal account which is tied to a specific employee profile and that employee leaves the company, the token may become invalid and any automated processes using that token will fail. Another potentially unwanted effect of using a personal token is incorrect logging; the API calls (e.g. Read, Edit, Delete, Upload) made with that token will record the specific user as performing the calls instead of an automated process.
- That's it!
Parameters
Parameter | Label | Required | Options | Description | Help | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
AuthUrl | Authorization URL | YES |
|
|
|||||||||||||||||||||||
TokenUrl | Token URL | YES |
|
|
|||||||||||||||||||||||
ClientId | Client ID | YES |
|
||||||||||||||||||||||||
ClientSecret | Client Secret | NO |
|
||||||||||||||||||||||||
Scope | Scope | YES |
|
|
|||||||||||||||||||||||
ReturnUrl | ReturnUrl | NO |
|
||||||||||||||||||||||||
SiteId | SiteId (select after pressing 'Generate Token') | YES |
|
||||||||||||||||||||||||
ExtraAttributesForAuthRequest | Login Prompt Option | NO |
|
|
|||||||||||||||||||||||
RetryMode | RetryMode | NO |
|
|
|||||||||||||||||||||||
RetryStatusCodeList | RetryStatusCodeList | NO |
|
||||||||||||||||||||||||
RetryCountMax | RetryCountMax | NO |
|
||||||||||||||||||||||||
RetryMultiplyWaitTime | RetryMultiplyWaitTime | NO |
|