This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

REST OAuth2 Account - 'Client Credentials' grant type

PSAmmirata
Employee
Employee

‎04-02-2020 01:48 PM

I’m working with an application that supports ‘Client Credentials’ and ‘Authorization Code’ grant types in the authorization request; however, doesn’t support refresh tokens. What is the value of selecting the ‘Client Credentials’ grant type in the REST OAuth2 Account? Does the REST OAuth2 Account make the authorization request and get the token when the first document enters the REST snap that’s using the account? What’s the purpose of the ‘Authorize’ button when the grant type is ‘Client Credentials’ since the token will expire at some point? Is it just to validate that the account has been configured correctly?

I have the same questions if the grant type is ‘Authorization Code’ and the api doesn’t support refresh tokens.

Reply
17 REPLIES 17

dmiller
Former Employee

‎04-02-2020 03:17 PM

@PSAmmirata I’m in discussions with Dev on this as I’m also working with an app with no refresh token.


Diane Miller
0 Kudos
Reply

dmiller
Former Employee

‎04-02-2020 04:16 PM

I have created an account with Client Credentials and when the access token expires, I use Authorize to manually grant me a new token.

An issue has been submitted for refresh of Client Credentials.


Diane Miller
Reply

PSAmmirata
Employee
Employee

‎04-03-2020 11:24 AM

Since I have a need to run my pipeline as a scheduled task it’s not feasible to use the SnapLogic REST OAuth2 Account and manually/periodically click on ‘authorize’ to get a new access token. If there’s a way to automate the periodic authorization in such a way that makes the new access token available to pipelines that want to use it please let me know.

In lieu of that workaround/solution we’re adding a REST Post snap to explicitly make the authorization request and get the access token as part of the pipeline. The drawbacks that I can see are that the client id, secret, and access token are not secure like they would be in the REST OAuth2 Account. Also, if we have more than one pipeline running at a time that make an authorization request using the same client ID, it’s possible that one pipeline may make an authorization request that causes the access token of another pipeline to become invalid.

Reply

mramaswamy
New Contributor II
In response to PSAmmirata

‎01-21-2021 02:32 AM

I am working on a similar app where I am not getting the Refresh Token. Will you be able to share the REST Post snap you are using for the authorization request?

0 Kudos
Reply