Highrise CRM uses the OAuth authentication standard, which requires the authenticating user to interact with Highrise CRM via the browser. The adapter facilitates the OAuth exchange in various ways as described below.

Create an App

You will need to log in to https://integrate.37signals.com and register an app to obtain the OAuth client credentials, the OAuthClientId and OAuthClientSecret. You will also need to configure a CallbackURL.

Authenticate to Highrise CRM in a Desktop Application

After setting the following connection properties, you are ready to connect:

• InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.
• OAuthClientId: Set this to the Client Id in your app settings.
• OAuthClientSecret: Set this to the Client Secret in your app settings.
• CallbackURL: Set this to the Redirect URL you specified in your app settings.
• AccountId: Copy this from the URL after you log in to Highrise. For example, if your instance URL is https://MyInstance12345.highrisehq.com/, set the AccountId property to ' MyInstance12345 '.

When you connect the adapter opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The adapter then completes the OAuth process:

1. Extracts the access token from the callback URL and authenticates requests.
2. Refreshes the access token when it expires.
3. Saves OAuth values in OAuthSettingsLocation to be persisted across connections.

Authenticate to Highrise CRM from a Web Application

To obtain the access token, set the following connection properties:

• OAuthClientId: Set this to the Client Id in your app settings.
• OAuthClientSecret: Set this to the Client Secret in your app settings.
• CallbackURL: Set this to a page on your website you would like users to be redirected to after authorizing your application.

When connecting via a Web application, or if the adapter is not authorized to open a browser window, you need to exchange a verifier code for the OAuthAccessToken:

1. Call GetOAuthAuthorizationURL. The stored procedure returns the URL to the OAuth endpoint.
2. Log in and authorize the application. You are redirected back to the callback URL.
3. Extract the verifier code from the "code" query string parameter of the CallbackURL and call GetOAuthAccessToken.

To make requests to Highrise CRM, set OAuthAccessToken and AccountId. When the access token expires, call RefreshOAuthAccessToken. Given a refresh token as input, it returns a valid OAuth access token.