Please enable JavaScript to view this site.

Altova FlowForce Server 2020 Advanced Edition

In addition to credentials of type password, you can also create credential objects that are OAuth 2.0 authorization details. You can use OAuth 2.0 credentials in FlowForce Server jobs that call Web services where OAuth 2.0 authentication is required.

 

You can create OAuth credentials in the same way as password credentials, see Defining Credentials. Like with other FlowForce Server objects, users can view or access OAuth credentials only if they have the corresponding permissions, see How Permissions Work.

 

The fields associated with an OAuth 2.0 credential object are listed below. To obtain these values, you must first register with the Web service provider (for example, Google API Console, Facebook API, Bitbucket API, and so on).

 

Redirect URI

Specifies the URI where the authorization server will send responses to FlowForce Server (tokens or errors). This field is filled automatically by FlowForce Server.

Authorization Endpoint

Specifies the URI from where FlowForce Server initiates authorization flows. You can obtain this value after registering with the Web service provider.

Token Endpoint

Specifies the URI from where FlowForce Server initiates token flows. You can obtain this value after registering with the Web service provider.

Client ID

The identifier of the client application (FlowForce Server, in this case). You can obtain this value after registering with the Web service provider.

Client secret

The secret associated with the client application. You can obtain this value after registering with the Web service provider.

Scope

The scope of the client application, if required by the provider. You can obtain this value after registering with the Web service provider.

Access token

This is the access token returned by the authorization server. The FlowForce Server job will execute successfully only if the resource server determines that the access token is correct and valid.

 

To obtain this value manually the first time when you create the OAuth credential, fill all the other fields (except Refresh token), and then click Authorize and Save.

 

This token expires after a period of time set by the Web service provider. If the token has expired, FlowForce Server will request a new one from the authorization server, using the Refresh token value.

Refresh token

This is the refresh token returned by the authorization server. It is required when the Access token expires (see above). In rare cases when the access token never expires, this is not necessary.

© 2019 Altova GmbH