This section explains how to setup and use OAuth2.
ConnectIT 365 supports two grant types: Client Credentials and Authorization Code.
When using authorization code, refresh token grant will be automatically used when possible.
OAuth is available for REST and SOAP definitions. To be able to use the same token for several different definitions that call different endpoint from the same API, OAuth2 authorization is setup in a separate section.
To setup up OAuth2, go to Administration, OAuth2 Authorizations and click new.
Give the new record a recognizable code. In the example below, the code is ENDPOINT, because the REST service it will be used for is a Business Central environment with the name “endpoint”.
In the environment field, you can provide a description of the service. Finally, on the general tab, select the grant-type. In the below example the grant-type is authorization code.
On the credentials tab, provide your username or client id and password or secret (accordingly on the Authorization Code tab, select the credential type.).
On the Authorization Code tab, provide the Auth URL and method, the Acces Token URL and method, the redirect URI and the Resource URL. Also select the correct content-type for the authorization requests and if the automatically filled property values are not correct for your specific situation, correct them.
|Auth URL||Specifies the endpoint URL for retrieving an authorization code.|
|Acces Token URL||Specifies the endpoint URL for requesting a new token.|
|Method||Specifies the HTTP method of the endpoint. Possible values are: ‘GET’ and ‘POST’|
|Redirect URL||Specifies the URL where the user will give consent.|
|Resource URL||Specifies the identifier of the WebAPI that the client wants to access on behalf of the user.|
|Scope||Optional value to limit the permissions for the requested token.|
|Credential Type||Specifies the authorization method of the OAuth2 token endpoint. Possible values are: ‘Basic’ and ‘Client-ID & Secret’|
|Content-Type||Specified the content-type used on the new token request.|
|Acces Token Property||Specifies the property name that contains the token in the response of the OAuth2 token endpoint.|
|Expires in Property||Specifies the property name that contains the token expiration timespan in the response of the OAuth2 token endpoint.|
|Refresh Token Property||Specifies the property name that contains the refresh token in the response of the OAuth2 token endpoint.|
You can now test your setup by clicking the Get Token action. When using the authorization code flow, you will be prompted to give consent. If all is working properly, you should now see a green value in the Bearer Token tab, indication till when your token is valid. If a refresh token was aquired, the Refresh Token field will show a masked value as well.
You are now ready to use your OAuth2 setup in export and import definitions.
For more info about how your tokens are saved to the database, please check isolated storage and encryption.