About This Release > Procedures Adapters > OAuth 2.0 Authentication Support for the Adapter for REST

OAuth 2.0 Authentication Support for the Adapter for REST

The OAuth 2.0 authentication protocol for granting access to REST APIs is now supported for the Adapter for REST.

Prior to configuring OAuth 2.0 authentication, developers must establish the development environment for the application to obtain the client ID and client secret used for grant authorization code and grant client credentials.

The Adapter for REST is under Procedures on the New Datasource drop-down list of the Web Console Connect to Data page. Right-click the adapter and click Configure.

The configuration parameters are shown in the following image.

Enter or select values for the following parameters.

Connection Name

Is the logical name used to identify this particular set of connection attributes. The default is CON01.

Base URL

Is the part of the URL that is common for calling the various functions within a specific REST API.

Security

Select OAuth from the Security drop-down list.

The OAuth Grant Type drop-down list appears.

OAuth Grant Type

Can be one of the following three grant types.

  • Authorization Code.

    This is used for obtaining an Access Token and Refresh Token using an Authorization Code returned from an Authorization request. The Access Token is automatically renewed using the configured Refresh Token when a request is run.

  • Client Credentials. This is used when the OAuth implementation requires only a Client ID and Client Secret. Once it is selected, the Client ID, Client Secret, and Token URL fields appear. The values for these fields come from the application development environment created as a prerequisite to configuring the adapter. For example, OAuth configuration for the Twitter API is done through the Twitter Developers environment accessed from https://developer.twitter.com.
  • Password. This is used when the OAuth implementation requires only a User ID and Password

The relevant parameters display when you select the Grant Type. Enter or select values for the relevant parameters. The list of OAuth parameters follows.

Service Provider

Is the web service provider. Select custom.

Service URL

Is the URL to the web service when not configured as a REST adapter connection.

Client ID

Is the Client ID provided by the OAuth implementation of the application being accessed.

Client Secret

Is the Client Secret provided by the OAuth implementation of the application being accessed.

Authorization URL

Is the URL used for OAuth authorization to a specific application.

For example, the Authorization URL for the Google set of APIs is https://accounts.google.com/o/oauth2/auth.

Token URL

Is the URL used for obtaining an Access Token to a specific application using the Authorization Code obtained from the OAuth Authorization request.

For example, the Token URL for the Google set of APIs is https://accounts.google.com/o/oauth2/token.

Additional Authentication Parameters

Are additional parameters needed for the OAuth Authorization request to a specific application.

Additional Token Parameters

Are additional parameters needed for the OAuth Token request to a specific application.

Access Token

Is the Access Token returned from the OAuth Token request.

Refresh Token

Is the Refresh Token returned from the OAuth Token request.

User

Is the user ID used to perform OAuth authentication using the Authorization URL.

Password

Is the password used to perform OAuth authentication using the Authorization URL.

When you have configured the OAuth authentication parameters, click Test to test the connection.

When the test shows that the connection is configured correctly, click Configure.

WebFOCUS

Feedback