Custom Credentials
When to Use a Custom OAuth App
Creating a custom OAuth app is required in the web flow. Creating a custom OAuth app is optional for desktop and headless applications; the driver is already registered with SurveyMonkey and you can connect with its embedded credentials. Creating a custom OAuth app is optional as the driver is already registered with SurveyMonkey and you can connect with its embedded credentials.You might want to create a custom OAuth app to change the information displayed when users log into SurveyMonkey to grant permissions to the driver.
Desktop Authentication with a Custom OAuth App
Follow the steps below to authenticate with the credentials for a custom OAuth app. See Creating a Custom OAuth App for more information.Get and Refresh the OAuth Access Token
After setting the following connection properties, you are ready to connect:
- AuthScheme: Set this to OAuth.
- OAuthClientId: Set this to the client Id in your app settings.
- OAuthClientSecret: Set this to the secret in your app settings.
- CallbackURL: Set this to the OAuth Redirect URL that you specified to use your own OAuth app.
- InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.
- Extracts the access token from the callback URL and authenticates requests.
- Refreshes the access token when it expires.
- Saves OAuth values in OAuthSettingsLocation to be persisted across connections.
Authenticate to SurveyMonkey from a Web Application
When connecting via a Web application, or if the driver is not authorized to open a browser window, use stored procedures and set InitiateOAuth to manage the temporary OAuth tokens.
Get an Access Token
To obtain the access token, set the following connection properties:- OAuthClientId: Set this to the ClientId that you received.
- OAuthClientSecret: Set this to the ClientSecret that you received.
With these properties set, follow the steps below to call stored procedures to obtain the OAuthAccessToken:
- Call GetOAuthAuthorizationURL. The stored procedure returns the URL to the OAuth endpoint, along with the request token and secret.
-
Go to that URL and log in to authorize the application. Afterwards, you are redirected back to the callback URL.
When you are redirected, the callback URL contains the code query string parameter.
- Set the following parameters and call GetOAuthAccessToken:
Name Value AuthMode WEB Verifier Set this to the verifier code.
Connect to Data
Set the following to authenticate your requests for data:
- OAuthAccessToken: Set this to the OAuthAccessToken returned by the GetOAuthAccessToken stored procedure.
Refresh the Token
You can set InitiateOAuth to REFRESH to automatically refresh the OAuth access token when it expires.
To connect to data and automatically refresh the OAuthAccessToken, set the following on the first data connection:
- InitiateOAuth
- OAuthSettingsLocation
- OAuthClientId
- OAuthClientSecret
- OAuthAccessToken
- OAuthRefreshToken
On subsequent data connections, set the following:
- InitiateOAuth
- OAuthSettingsLocation