OAuth Provider


OAuth 2.0 support for Rest API authentication

OAuth 2.0 is the industry-standard protocol for authorization. OAuth Provider profiles can be set up here. Adding an OAuth Provider in Applications Manager will generate an Access Token that can be used to authenticate an API endpoint secured by OAuth 2.0 in Rest API Monitor. Three types of grants are supported:

  • Authorization Code Grant
  • Client Credentials grant
  • Resource Owner Credentials Grant

If the REST API endpoint is authenticated using an OAuth token, you can configure an OAuth provider from :

  • The Add new OAuth Provider link in the new monitor page - Click the "Add new OAuth Provider" after choosing Use OAuth in the Add new Rest API monitor screen.
  • The OAuth Provider link under the Settings tab → Discovery and Data CollectionCredential SettingsOAuth Provider - Provider profiles can be set up here.

Once a OAuth Provider profile is set up, the Provider table displays the following information:

  • Provider Name - The name of your OAuth Application provider.
  • Access Token - String or a JSON web token used by an application to access the API.
  • Refresh Token - Credentials that can be used to acquire new access tokens.
  • Access Token Expiration Time - The date and time that the token will expire.

Add new OAuth Provider

Visit the OAuth Provider page where Applications Manager has been registered as a client. Refer to the Client ID and Client Secret and fill in the following details in the Applicarions Manager client to add the new provider:

  1. Enter the Provider Name - the name of your OAuth Application provider.
  2. Enter the Client ID & Client Secret- The unique alphanumeric string that you received from the OAuth provider while registering Applications Manager as a client.
  3. Specify the OAuth Flow based on the authorization flow supported by the REST API
    • Authorization Code Grant Type:
      • Authorization endpoint URL: The API Authorization Endpoint of the OAuth provider
      • Scope: Specify the OAuth scope that Applications Manager might need to request for the access of the REST API resource. You can provide multiple scopes depending on the level of access you need while monitoring.
      • Query parameters: Additional query parameters "name-value pair" that needs to be appended to the authorization endpoint URL along with the standard params like: redirect_uri and response_type.
        Note: The parameters client_id, client_secret & grant_type need not be added explicitly, as they are sent by default.
      • Redirect URI: The Applications Manager URL to which the redirection happens after a successful authorization. This will be auto-populated and can't be modified by the user.
    • Client Credentials Grant
    • Resource Owner Credentials Grant Type:
      a. Username & Password: The credentials the application being accessed by the REST API
  4. Enter the Token endpoint URL of the OAuth Provider from where the Access Token is retrieved.
  5. Specify the Token Request Method - the Method to send the client ID and Secret in the request to get the Access Token. Basic authentication sends the data as Authorization header, while Post Request Body will send them as POST payload.
  6. Enter the Request body with any other parameters to be sent in the request POST payload. ( All data will be sent as form payload type.)
  7. Enter the Request Headers field with any other header parameters that has to be sent along with the token request.
  8. Specify the Authenticated request method used to submit access tokens to this OAuth provider.
Note:
Authorization endpoint URL and Token endpoint URL will vary based on the domain to which the Zoho account belongs to.
Eg : If the application is registered in eu domain (https://api-console.zoho.eu/). Authorization endpoint URL will be https://accounts.zoho.eu/oauth/v2/auth and Token endpoint URL will be https://accounts.zoho.eu/oauth/v2/token.

Use the following values to configure OAuth setup for SDP Cloud:
  • Authorization endpoint URL : https://accounts.zoho.com/oauth/v2/auth
  • Scope :
    SDPOnDemand.requests.ALL
    SDPOnDemand.setup.ALL
    SDPOnDemand.general.ALL
    SDPOnDemand.cmdb.ALL
  • Query Parameters :
    Name - access_type
    Value - offline
  • Token endpoint URL : https://accounts.zoho.com/oauth/v2/token
  • Choose Post request body for Token Request Method.
 
Use the following values to configure OAuth setup for Site24x7:
  • Authorization endpoint URL : https://accounts.zoho.com/oauth/v2/auth
  • Scope :
    Site24x7.Admin.Read
    Site24x7.Reports.Read
  • Query Parameters :
    Name - access_type
    Value - offline
  • Token endpoint URL : https://accounts.zoho.com/oauth/v2/token