Using OAuth Authentication
Note: This authentication method is only available for the suitecrmv8 schema.
The SuiteCRM V8 API uses OAuth 2.0 as its main method of authentication and supports two grant types: password and client credentials. To authenticate to the SuiteCRM V8 API, complete the steps below. You must be an admin to create credentials, create roles, assign roles to users, and so on.
Note: The OAuth flow is the same on a headless machine.
Register an Application
To obtain the OAuth client credentials (the consumer key and consumer secret):
- Log in to your admin account.
- On the profile dropdown, select Admin > OAuth2 Clients and Tokens and click New Password Client or New Client Credentials Client.
- Enter a name and a secret.
- Click Save.
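How the consumer key and secret from the steps above are used with each of the two grant types, as an added example that is not part of the original documentation: it builds, without sending, the RFC 6749 token request and rejects malformed or cleartext ones. The endpoint path /Api/access_token, the host crm.example.com, the function name and all sample values are assumptions; check your instance for the actual token URL.

```python
import urllib.parse
import urllib.request

# Extra form fields each grant type requires beyond client_id/client_secret.
GRANT_FIELDS = {"client_credentials": (), "password": ("username", "password")}


def build_token_request(token_url, grant_type, client_id, client_secret, **user):
    """Build (but do not send) an OAuth 2.0 token request for either grant.

    token_url is an assumption: the page does not give the endpoint path.
    Credentials go in the form body (RFC 6749 section 2.3.1).
    """
    if grant_type not in GRANT_FIELDS:
        raise ValueError(f"unsupported grant type: {grant_type!r}")
    # The form body carries the client secret (and, for the password grant,
    # the user's password), so refuse to build it for a cleartext URL.
    if urllib.parse.urlsplit(token_url).scheme != "https":
        raise ValueError("token endpoint must be https")
    required = GRANT_FIELDS[grant_type]
    missing = [f for f in required if not user.get(f)]
    unexpected = sorted(set(user) - set(required))
    if missing or unexpected:
        raise ValueError(f"{grant_type}: missing={missing} unexpected={unexpected}")
    form = {"grant_type": grant_type, "client_id": client_id,
            "client_secret": client_secret, **user}
    return urllib.request.Request(
        token_url,
        data=urllib.parse.urlencode(form).encode("ascii"),
        headers={"Content-Type": "application/x-www-form-urlencoded",
                 "Accept": "application/json"},
        method="POST",
    )


if __name__ == "__main__":
    # Constructed sample values; substitute the client you registered.
    url = "https://crm.example.com/Api/access_token"  # assumed path
    for req in (
        build_token_request(url, "client_credentials",
                            "example-client-id", "example-secret"),
        build_token_request(url, "password", "example-client-id", "example-secret",
                            username="api_user", password="example-password"),
    ):
        fields = urllib.parse.parse_qs(req.data.decode())
        # Print field names only so secrets do not end up in logs.
        print(req.get_method(), req.full_url, sorted(fields))
```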
Assign Roles for API Access
Usually, when you authenticate with the client credentials grant type, you have full access to the API. When you authenticate with the password grant type, the user should have permissions for each module/table.
Users' access to certain resources can be set by configuring REST roles and assigning users to the specific REST roles.
To create a role:
- On the profile dropdown, select Admin > Role Management and click Create Role.
- Enter a name and description and click Save. You are then redirected to the role configuration menu, where you can select permissions for any operation on any module.
- After you finish setting up the permissions, click Save.
To assign a role to a user:
- On the profile dropdown, select Admin > Role Management and click the role you want to assign to a user.
- Scroll down to the bottom and click Select User.
- A user search window will appear.
- Select the users you want to assign the role to and click Select > Save.