03-09-2022 11:43 AM
Hi,
This is a very novice question, but I am having trouble with a post request snap. This is just to authenticate with the RingCentral platform to receive a token for API consumption. I am able to successfully retrieve an access token when calling the oauth/token endpoint in Postman. The issue arises when I try to move this post call into SnapLogic. The call requires certain parameters to be passed through the body and I am not sure how to duplicate this in SnapLogic post snap. Please see the screenshot of the Postman call Body tab below.
I have created a basic account in SnapLogic to store the username and password and my post snap references that account. I am also aware that the credentials of a basic account can be accessed using the “Account.Username” and Account.Password" of the respective referenced account within the snap.
I am just not sure how to build out the body section in the “x-www-form-urlencoded” format as shown in the screenshot? The error I get back when validating this post snap is just a 400: Bad Request.
Any insight/help that anyone could provide would be greatly appreciated. Please let me know if additional information is needed to provide assistance.
Thanks,
James
03-10-2022 06:43 AM
I think we can, but first I want to ask, would passing the credentials as pipeline parameters expose them to be intercepted by unwanted parties?
03-10-2022 06:58 AM
We went ahead and tried it, since it is a sandbox account and it worked, but where do we go from here?
03-10-2022 07:13 AM
I think I missed something. Why move the credentials to pipeline parameters when you can just use account.username and account.password?
03-10-2022 07:27 AM
I’m wondering the same thing. I also wonder if maybe I just need to delete that account and recreate it?
03-10-2022 07:27 AM
Are you saying that you got it working by removing the account from the snap and replacing account.username and account.password with pipeline parameters in your HTTP Entity expression?
If that’s the case, it means the server is rejecting the request because of the Authorization header added by the account. So that does leave you in a tough spot, since the only way to keep the password secure is by using an account.