Alok_Tibrewal | 2018-12-20 09:58:32 UTC | #1
Hi,
Under web service Data action how oAUTH 2.0 is implemented. The way it works that you first get authorization code and then sent that code to get access token.
So first we need to post to AUTH URL then we need to post to token URL.
Now I am having issue how this will be implemented and what I see in the documents as given on web no where it is mention how to setup two URL.
Anyone any help in this matter please.
Regards Alok
Alok | 2018-12-20 13:13:37 UTC | #2
How do I implement the "User Define OAuth" in purecloud the way the "Postman" is doing. In Postman we are giving the two url.
- Auth Url -- for getting the auth code
- Access Token Url -- for getting the access token.
I am able to get access token in Postman but not able to understood how to setup in Purecloud.
I am attaching the Postman Access Token screen for your reference.
ChrisDibble | 2018-12-20 13:38:58 UTC | #3
HI Alok,
Check out these two pages for information on how to setup actions that use custom OAuth authentication.
https://help.mypurecloud.com/articles/workflow-for-the-user-defined-oauth-credential-type/ https://help.mypurecloud.com/articles/how-to-use-the-user-defined-oauth-credential-type/
Once you select the oauth credential type, you'll configure an "auth action" that performs the authentication to get your token. Then you reference the output of the auth action in your regular action. Those articles go into more details to help you get setup.
Let us know if you run into any problems.
-Chris
anon28066628 | 2018-12-20 15:50:10 UTC | #4
Edit: see Tim's reply below - auth code grant does require a browser redirect as noted below, so client credentials is required.
Hi Alok, I've only used data action Oauth with client credentials grant (client id / client secret):
https://help.mypurecloud.com/articles/how-to-use-the-user-defined-oauth-credential-type/
I don't believe the authorization code flow is supported directly, but you should be able to accomplish it with two "hand rolled" secure actions as long as the auth code is returned in the body of a JSON response. Since there is no user or interactive session, flows requiring browser redirect aren't supported.
tim.smith | 2018-12-20 15:35:33 UTC | #5
You can only use client credentials in data actions. None of the other grant types make sense in that context because data actions don't interact with the user's browser and therefore have no way to authenticate a user. If you need to make user-based API calls, you need to write a custom app to handle authentication and then make the API calls. That could take the form of a custom web page embedded in an agent script.
Alok_Tibrewal | 2018-12-21 04:41:52 UTC | #6
Thanks gents for your replies.
We are trying to implement the way Salesforce is implemented. We have a third party CRM and I need to add certain data action to pull a contact information based on ANI and vica versa.
We tested the data action without any auth (not secured) and it all worked fine. We created out our own api and tested it in IVR flow all good so far.
Currently this CRM supports only oAUTH 2.0 and they are depriciating others method.
I think I need to find out what all other ways provided by them to access API.
Any guideline and pointer in this case to guide my team will be highly highly appreciated.
Thanks again. Regards Alok
Alok_Tibrewal | 2018-12-21 06:13:16 UTC | #7
tim.smith, post:5, topic:4232
you need to write a custom app to handle authentication
Hi,
Can you elaborate little more here. What you meant? Is there any place in Pure Cloud where we can host our custom app and control this. If so please share the link to read will appreciate.
Regards Alok
Jason_Mathison | 2018-12-21 11:30:40 UTC | #8
Hi Alok,
It seems like this thread has gone in several different directions, so I am going to try to start over again. My understanding is that you want to create your own data actions to talk to a third party CRM. This third party CRM will soon only support OAuth 2.0 and you need to know how to get that to work.
Chris Dibble sent you a couple of links to the resource center that walk through how to setup an integration with a "User Defined (OAuth) credential type". This is the solution we have created for exactly your situation. Have you read through those articles and attempted to implement that solution? If you are having issues creating the custom auth action then please export your custom auth action, the data dip action, and include an example of the error / issue that you see in test mode.
--Jason
Jason_Mathison | 2018-12-21 11:51:09 UTC | #9
Taking a longer look through this thread, I think I finally understand the confusion. In your postman example you are using the "Authorization Code" type of grant. That type of grant doesn't make sense for a Data Action to use. If you change the grant type in Postman to "Client Credentials" you will see that there is only one URL, which is the same URL that you would use in your Custom Auth Action.
Hopefully that helps clear things up! --Jason
Alok_Tibrewal | 2018-12-21 11:56:46 UTC | #10
Hi Jason,
Thanks for reply.
I also understood the problem, but they only support Code authorization. So I am kinda stuck here. They have option to refresh_token, which will keep token alive for lifetime.
Not sure how I should implement for our Data Action. We have already spent a month on this project, we were stupid not to check this part, now we are stuck.
We have already integrated pure cloud widget on their platform and it is vica versa actions we are stuck now as they only support Code Authorization.
Any tip or other way work around if you can suggest any thing is welcome and appreciated.
Regards Alok
Jason_Mathison | 2018-12-21 12:13:30 UTC | #11
What CRM are you working with?
Jason_Mathison | 2018-12-21 12:51:29 UTC | #12
AlokTibrewal, post:10, topic:4232
They have option to refreshtoken, which will keep token alive for lifetime.
Would it be possible to run through the Auth URL step in postman to get the auth code, and then use the custom auth data action to do the refresh_token as needed? (And sorry if this is a terrible idea, I am in no way an OAuth expert.)
system | 2019-01-21 12:50:59 UTC | #13
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 4232