OAuth Provider
OAuth 2.0 support for Rest API authentication
OAuth 2.0 is the industry-standard protocol for authorization. OAuth Provider profiles can be set up here. Adding an OAuth Provider in Applications Manager will generate an Access Token that can be used to authenticate an API endpoint secured by OAuth 2.0 in Rest API Monitor. Three types of grants are supported:
- Authorization Code Grant
- Client Credentials grant
- Resource Owner Credentials Grant
If the REST API endpoint is authenticated using an OAuth token, you can configure an OAuth provider from :
- The Add new OAuth Provider link in the new monitor page - Click the "Add new OAuth Provider" after choosing Use OAuth in the Add new Rest API monitor screen.
- The OAuth Provider link under the Settings tab → Discovery and Data Collection → Credential Settings → OAuth Provider - Provider profiles can be set up here.
Once a OAuth Provider profile is set up, the Provider table displays the following information:
- Provider Name - The name of your OAuth Application provider.
- Access Token - String or a JSON web token used by an application to access the API.
- Refresh Token - Credentials that can be used to acquire new access tokens.
- Access Token Expiration Time - The date and time that the token will expire.
Add new OAuth Provider
Visit the OAuth Provider page where Applications Manager has been registered as a client. Refer to the Client ID and Client Secret and fill in the following details in the Applicarions Manager client to add the new provider:
- Enter the Provider Name - the name of your OAuth Application provider.
- Enter the Client ID & Client Secret- The unique alphanumeric string that you received from the OAuth provider while registering Applications Manager as a client.
- Specify the OAuth Flow based on the authorization flow supported by the REST API
- Authorization Code Grant Type:
- Client Credentials Grant
- Resource Owner Credentials Grant Type:
a. Username & Password: The credentials the application being accessed by the REST API
- Enter the Token endpoint URL of the OAuth Provider from where the Access Token is retrieved.
- Specify the Token Request Method - the Method to send the client ID and Secret in the request to get the Access Token. Basic authentication sends the data as Authorization header, while Post Request Body will send them as POST payload.
- Enter the Request body with any other parameters to be sent in the request POST payload. ( All data will be sent as form payload type.)
- Enter the Request Headers field with any other header parameters that has to be sent along with the token request.
- Specify the Authenticated request method used to submit access tokens to this OAuth provider.
Note:
Authorization endpoint URL and Token endpoint URL will vary based on the domain to which the Zoho account belongs to.
Eg : If the application is registered in eu domain (https://api-console.zoho.eu/). Authorization endpoint URL will be https://accounts.zoho.eu/oauth/v2/auth and Token endpoint URL will be https://accounts.zoho.eu/oauth/v2/token.
Use the following values to configure OAuth setup for SDP Cloud:
- Authorization endpoint URL : https://accounts.zoho.com/oauth/v2/auth
- Scope :
SDPOnDemand.requests.ALL
SDPOnDemand.setup.ALL
SDPOnDemand.general.ALL
SDPOnDemand.cmdb.ALL
- Query Parameters :
Name - access_type
Value - offline
- Token endpoint URL : https://accounts.zoho.com/oauth/v2/token
- Choose Post request body for Token Request Method.
Use the following values to configure OAuth setup for Site24x7:
- Authorization endpoint URL : https://accounts.zoho.com/oauth/v2/auth
- Scope :
Site24x7.Admin.Read
Site24x7.Reports.Read
- Query Parameters :
Name - access_type
Value - offline
- Token endpoint URL : https://accounts.zoho.com/oauth/v2/token