Altova FlowForce Server 2024 Advanced Edition

Credential Type: OAuth 2.0

Home Prev Top Next

FlowForce Server enables you to create credential objects that are OAuth 2.0 authorization details. You can use OAuth 2.0 credentials in FlowForce Server jobs that call Web services where OAuth 2.0 is required. Users can view and access OAuth credentials only if they have the corresponding permissions. For details, see How Permissions Work.


To create an OAuth 2.0 credential, navigate to the container in which you want to store the credential, click Create | Create Credential, switch to OAuth 2.0 in the Credential Type field, and fill in the credential fields (described below).


About OAuth 2.0 workflow

OAuth stands for Open Authorization and is an open-standard authorization framework that allows applications to access a set of user resources on behalf of a user. The broad procedures associated with the OAuth 2.0 workflow are described below:


1.A third-party application (Client) registers with an authorization server. The authorization server issues a client ID and, if applicable, a client secret.

2.The Client indicates a redirection URI, to which a User will be redirected after granting or denying permission to the Client.

3.The User initiates an action in the client application, which requires access to the User's resources. For example, the User may want to log into the client application, using their Facebook account.

4.The Client sends a request to the authorization server and redirects the User to the authorization endpoint of the authorization server, where the User logs in and grants or denies permission to the Client. The Client's request to the authorization server contains the client ID, requested privileges, and the redirect URI.

5.If the the User has granted permission to the Client, the Client receives an authorization grant and exchanges the user credentials or authorization details (this depends on the grant type) for an access token and, if applicable, a refresh token.

6.The Client then uses the access token to access the User's resources on the resource server.

7.If the access token has expired, the Client can use the refresh token to continue using the User's resources without the User's re-authentication. Whether the Client uses the refresh token or not depends on the grant type you have selected. See the Access Token property below for more details.


Available parameters

The fields associated with an OAuth 2.0 credential object are listed below. To obtain these values, you must first register with a Web service provider (e.g., Google API Console, Facebook API, Bitbucket API).



For more information about Allow usage for options, see Credential Type: Password. For an OAuth 2.0 credential that you plan to use for HTTP, make sure that the Allow usage for HTTP check box is selected. Otherwise, the job will fail.


After you have selected the relevant grant type and filled in all the necessary fields, you can simply save the credential (the Save button) or initiate authorization and save the credential object (the Authorize and Save button). When you select the Authorize and Save option, FlowForce Server will redirect the browser to the service authorization page (only relevant to the Authorization Code and Implicit grant types) or will attempt to get an access token from an external service and save the access token together with the changes to the credential object. Once the access token and, potentially, a refresh token have been obtained, the credential page will be refreshed and will inform you that authorization has been granted.


© 2017-2023 Altova GmbH