Using OAuth Authentication
SugarCRM uses the OAuth 2.0 authentication standard. It uses the "password" grant type to retrieve the access token, therefore it does NOT open a browser tab during the authentication process. This makes it easy to connect from both a Desktop Application or a Web Application.
You can authenticate with your SugarCRM account using your user-credentials.
OAuth
After setting the following properties, you are ready to connect:
- User: Set this to the username of the SugarCRM account you're trying to access.
- Password: Set this to the password of the SugarCRM account you're trying to access.
- Url: Set this to the URL of the SugarCRM instance you're trying to access.
In addition to the above 3 properties you can (optionally) specify your own OAuth Consumer Keys to be used during the authentication process. This is done using properties OAuthClientId and OAuthClientSecret. To create a new set of OAuth Consumer Keys you must first be logged in as an admin. After that, follow the below steps:
- Open SugarCRM on your browser and navigate to the Admin Dashboard.
- On the top-right of the site click on your profile and then click on "Admin".
- In the "System" section select "OAuth Keys". Now all your default Consumer Keys will appear.
- On the main navigation bar (on top of the site) find "OAuth Keys" and click the arrow to open the dropdown list.
- Click on "Create OAuth Key".
- Fill the required fields. Set "OAuth Version" to "OAuth 2.0". The values you'll be filling for "Consumer Key" and "Consumer Secret" are your OAuthClientId and OAuthClientSecret, respectively.
- Hit "Save" and your new OAuth Consumer Key will be created.
When you connect the driver the driver automatically:
- Extracts the access token from the response and authenticates requests.
- Refreshes the access token when it expires.
- Saves OAuth values in OAuthSettingsLocation to be persisted across connections.
Persisting OAuth Values
You do not need to reauthenticate when you open a new connection: The driver saves the temporary tokens resulting from the OAuth exchange into OAuthSettingsLocation to be persisted across connections.
This property is also useful if you need to connect with multiple SugarCRM accounts simultaneously, as it enables you to save the authentication values for each in a different file.