Configuring REST API connector – OAuth V2 Client Credentials

Studio provides you with several Connectors for databases like MySQL, Microsoft SQL, etc., and Third-party connectors like Slack, Trello, Stripe, etc. You can connect the different APIs using their respective authentication methods. There are different methods of API authentication, using the API Key, using basic Auth which is using the username and password, using the OAuth which is a standard for accessing user permissions without a password, the AWS authentication method, multistep authentication method, and OAuth Client Credentials.

The OAuth V2 Client Credentials are used when applications request an access token to access their own resources, not on behalf of a user, in this way clients can obtain an access token for the app using a client credential grant type outside of the context of the user. In this method, the client has to authenticate themselves to perform requests.

Configuring the third-party API connector

To add third-party connectors, under Studio > Connectors, click (+) Connector .

Studio has different options including the use of the REST API that allows you to easily connect to the Third-Party API and access important systems. It has an OAuth V2 – Client Credentials option.

Configure API Category

When configuring the APIs you need to provide the Authentication details for the respective authentication method. Let us see how to configure an API using the Client Credentials method.
Once you select the REST API, enter the Connector name which should ideally be self-explanatory.
In the Authentication section, select OAuth V2 - Client Credentials.

Configure environment-specific fields

Use the OAuth 2 Client Credentials Flow authentication type if your API supports OAuth 2 “Client Credentials” grant. Your OAuth implementation will return an access token that your DronaHQ integration will use to authorize requests to your API.

  • Enter the application credentials: You need to configure the application credentials. Simply copy the Client Id and Client Secret from the app’s API or from the developer’s setting and paste them into the connector configuration. It may also be called Consumer Key or API Key. Referenced in Studio requests as {{auth.client_id}} and {{auth.client_secret}} for Client ID and Client Secret respectively.

  • • Add Authorization data to: The Authorization parameters are sent from the user to the service provider in different ways and you can select where to add the auth data, in

    • Request Header
    • Request Body

    It is required to consume your service provider’s resources.

  • Access Token Request: It specifies the endpoint URL where Studio sends the approval code. It is sent through different method types and receives the access_token in the response.

    image

  • Scope: If you want to limit Studio’s access to your app data, define the OAuth scopes with a comma or space-separated list of values.

  • Configure test API for your connector: Add a simple API endpoint to test user environment. DronaHQ includes data from your input form in the URL Params by default; click Advanced to customize the API call if your API expects them in the header instead.

Once filled in the details, click Test Connection . Once the authentication is successful it will show the message and now you can save your connection.

Once you add your connector, you can now use it in your Studio Application

Add API

You can now add APIs based on the Connector configuration. Under Studio > Connectors you can see your connector is added. To add your new API as per the API endpoint, click Add API.

Now Add the Connector API name and the API endpoint with the required parameters and test your API.

Managing environment

You can select the Manage Environment option from the edit button of the configured connector. Here you can manage different environments such as production, staging, development, test environment, and others, of a single account by adding different credentials and other details corresponding to different environments.

Select either the environments which you haven’t configured yet, by clicking on configure or click on the configured environments to make further changes and edits.
You will see that the environments which are yet to be configured already have auto-populated details from the production environment including the client ID, client secret, access token URL, and base URL of your endpoint API. You can make changes from a single place and these changes will reflect on your respective environments.

Once done, click on Save .