Creating a Custom OAuth App
When To Create a Custom OAuth Application
CData embeds OAuth Application Credentials with CData branding that can be used when connecting via a desktop application or headless application.You may choose to use your own OAuth Application Credentials when you want to
- control branding of the Authentication Dialog
- control the redirect URI that the application redirects the user to after the user authenticates
- customize the permissions that you are requesting from the user
Create a Custom App
You will need to log in to https://integrate.37signals.com and register an application to obtain the OAuth client credentials, the OAuthClientId and OAuthClientSecret. You will also need to configure a CallbackURL.
If you are making a desktop application, set the Redirect URL in your application settings to http://localhost:33333 or a different port number of your choice. If you are building a Web application, set the Redirect URL in your application settings to a page on your Web application you want the user to return to after authorizing your application. Set the Redirect URL in your application settings to http://localhost:33333 or a different port number of your choice.
Authenticate to Highrise in a Desktop Application
After setting the following connection properties, you are ready to connect:
- InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.
- OAuthClientId: Set this to the Client Id in your application settings.
- OAuthClientSecret: Set this to the Client Secret in your application settings.
- CallbackURL: Set this to the Redirect URL you specified in your application settings.
- AccountId: Copy this from the URL after you log in to Highrise. For example, if your instance URL is https://MyInstance12345.highrisehq.com/, set the AccountId property to ' MyInstance12345 '.
When you connect the provider opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The provider then completes the OAuth process:
- Extracts the access token from the callback URL and authenticates requests.
- Refreshes the access token when it expires.
- Saves OAuth values in OAuthSettingsLocation. These values persist across connections.
Authenticate to Highrise from a Web Application
To obtain the access token, set the following connection properties:
- OAuthClientId: Set this to the Client Id in your application settings.
- OAuthClientSecret: Set this to the Client Secret in your application settings.
- CallbackURL: Set this to a page on your website you would like users to be redirected to after authorizing your application.
When connecting via a Web application, or if the provider is not authorized to open a browser window, you need to exchange a verifier code for the OAuthAccessToken:
- Call GetOAuthAuthorizationURL. The stored procedure returns the URL to the OAuth endpoint.
- Log in and authorize the application. You are redirected back to the callback URL.
- Extract the verifier code from the "code" query string parameter of the CallbackURL and call GetOAuthAccessToken.