OAuth2 Settings

OAuth2 Settings

The SaveToDB add-in lets you configure OAuth2 provider settings when connecting to web data sources.

You can set it up for any provider. Here's an example of the settings for ZohoCRM:

SaveToDB OAuth2 Settings

The configuration page includes a textbox for the provider name and three sections:

  1. Client Application
  2. Service URLs
  3. URL and Body Formats

Client Application

The Client Application section includes:

  • Client ID
  • Client Secret
  • Redirect URI
  • Scope

You obtain these values when you register your application with your OAuth2 provider.

We plan to add built-in registered applications for popular providers in future versions.

Typically, you can adjust the scope. Check your OAuth provider's documentation for details.

In the example above, the settings request all permissions for all modules, along with read permissions for the settings.

Service URLs

The Service URLs section contains:

  • Authorization URL
  • Get Token URL
  • Refresh Token URL
  • Revoke Token URL

You can find these URLs in your OAuth2 provider's documentation.

You can specify URLs directly or use variables.

For instance, the Refresh Token URL can include the {get_token_url} variable. The add-in will then use the value from the Get Token URL field.

Using variables allows you to create dynamic URLs based on values from previous steps.

For example, ZohoCRM returns the accounts-server value in the authorization response, which is not common for other providers. The add-in supports such values, allowing you to use the {accounts-server} variable in the Get Token URL.

URL and Body Formats

The URL and Body Formats section specifies the formats for URLs and request bodies.

OAuth2 defines standard formats, and the add-in provides default values built using variables.

You can modify these formats to meet your OAuth2 provider's requirements.

Variables

You can use the dialog box field values in the URL and body formats:

FieldVariable
Client Application
Client ID{client_id}
Client Secret{client_secret}
Redirect URI{redirect_uri}
Scope{scope}
Service URLs
Authorization URL{authorization_url}
Get Token URL{get_token_url}
Refresh Token URL{refresh_token_url}
Revoke Token URL{revoke_token_url}
URL and Body Formats
Authorization URL{authorization_url_format}
Get Token URL{get_token_url_format}
Get Token Body{get_token_body_format}
Refresh Token URL{refresh_token_url_format}
Refresh Token Body{refresh_token_body_format}
Revoke Token URL{revoke_token_url_format}
Revoke Token Body{revoke_token_body_format}

The table below lists typical values defined in OAuth2:

FieldTypical Value
Service URLs
Refresh Token URL{get_token_url}
Revoke Token URL{get_token_url}/revoke
URL and Body Formats
Authorization URL{authorization_url}?scope={scope}&client_id={client_id}&response_type={response_type}&redirect_uri={redirect_uri}
Get Token URL{get_token_url}
Get Token Bodygrant_type={grant_type}&client_id={client_id}&client_secret={client_secret}&redirect_uri={redirect_uri}&code={code}
Refresh Token URL{refresh_token_url}
Refresh Token Bodyrefresh_token={refresh_token}&client_id={client_id}&client_secret={client_secret}&grant_type={grant_type}
Revoke Token URL{revoke_url}
Revoke Token Bodytoken={refresh_token}

You can also use the following variables defined in authorization requests or obtained from authorization responses:

VariableValue
{response_type}code
{grant_type}authorization_code in the authorization request and refresh_token in the refresh token request
{code}The code value from the authorization response
{access_token}The access_token value from the get token response
{refresh_token}The refresh_token value from both get and refresh token responses
{token_type}The token_type value from get and refresh token responses
{expires_in}The expires_in value from get and refresh token responses

This website is using cookies. By continuing to browse, you give us your consent to our use of cookies as explained in our Cookie Policy.