Creating a Custom OAuth Application

SugarCRM uses the OAuth 2.0 authentication standard. However, unlike the typical OAuth authentication process, SugarCRM uses the "password" grant type to retrieve the access token. This means that it does not open a browser tab during authentication. This makes it easy to connect from both a Desktop Application or a Web Application.

Authenticating with Custom OAuth Consumer Keys

By default, SugarCRM uses the "sugar" client id for authentication, but users can optionally specify the client Id and client secret values of a custom app.

To create a new set of OAuth Consumer Keys:

1. Log in to SugarCRM with an account that has administrator access.
2. Navigate to the Admin Dashboard.
3. On the top right corner of the page, click your profile.
4. In the dropdown list, select Admin.
5. In the System section, select OAuth Keys. SugarCRM displays all your default Consumer Keys.
6. On the main navigation bar (on top of the site), click the OAuth Keys dropdown.
7. Select Create OAuth Key and fill the required fields:
   • OAuth Version = OAuth 2.0
   • Consumer Key = your OAuthClientId
   • Consumer Secret = your OAuthClientSecret
8. Click Save. SugarCRM creates your new OAuth Consumer Key.

When you connect the 本製品, it automatically:

1. extracts the access token from the response and authenticates requests;
2. refreshes the access token when it expires; and
3. saves OAuth values in OAuthSettingsLocation to be persisted across connections.