OAuth Provider

OAuth 2.0 support for Rest API authentication

OAuth 2.0 is the industry-standard protocol for authorization. OAuth Provider profiles can be set up here. Adding an OAuth Provider in Applications Manager will generate an Access Token that can be used to authenticate an API endpoint secured by OAuth 2.0 in Rest API Monitor. Three types of grants are supported:

• Authorization Code Grant
• Client Credentials grant
• Resource Owner Credentials Grant

If the REST API endpoint is authenticated using an OAuth token, you can configure an OAuth provider from :

• The Add New OAuth Provider link in the new monitor page - Click the "Add new OAuth Provider" after choosing Use OAuth in the Add new monitor screen.
• The OAuth Provider link under the Settings tab → Discovery and Data Collection → Credential Settings → OAuth Provider - Provider profiles can be set up here.

Once a OAuth Provider profile is set up, the Provider table displays the following information:

• Provider Name - The name of your OAuth Application provider.
• Access Token - String or a JSON web token used by an application to access the API.
• Refresh Token - Credentials that can be used to acquire new access tokens.
• Access Token Expiration Time - The date and time that the token will expire.

Browse through the following topics to learn how to configure OAuth based on following OAuth providers in Applications Manager:

• Google Suite (G-Suite)
• Zoho
• Microsoft Exchange Web Services (EWS)

Add new OAuth Provider

Visit the OAuth Provider page where Applications Manager has been registered as a client. Refer to the Client ID and Client Secret and fill in the following details in the Applicarions Manager client to add the new provider:

1. Enter the Provider Name - the name of your OAuth Application provider.
2. Enter the Client ID & Client Secret- The unique alphanumeric string that you received from the OAuth provider while registering Applications Manager as a client.
3. Select the Grant Type based on the authorization flow supported by the REST API and specify the following options for respective grant types selected (Authorization Code / Client Credentials /Resource Owner Credentials):
   • Authorization endpoint URL: The API Authorization Endpoint of the OAuth provider.

   • Query parameters: Additional query parameters "name-value pair" that needs to be appended to the authorization endpoint URL along with the standard params like: redirect_uri and response_type.

     Note: The parameters client_id, client_secret & grant_type need not be added explicitly, as they are sent by default.
   • Redirect URI: The Applications Manager URL to which the redirection happens after a successful authorization. This will be auto-populated and can't be modified by the user.
   • Resource Owner Credentials: Specify the credential details, such as the Username and Password of the application being accessed by the REST API.
4. Specify the OAuth Scope that Applications Manager might need to request for the access of the REST API resource. You can provide multiple scopes depending on the level of access you need while monitoring.
5. Enter the Token endpoint URL of the OAuth Provider from where the Access Token is retrieved.
6. Specify the Token Request Method - the Method to send the client ID and Secret in the request to get the Access Token. Basic authentication sends the data as Authorization header, while Post Request Body will send them as POST payload.
7. Enter the Request body with any other parameters to be sent in the request POST payload. ( All data will be sent as form payload type.)
8. Enter the Request Headers field with any other header parameters that has to be sent along with the token request.
9. Specify the Authenticated request method used to submit access tokens to this OAuth provider.
10. Finally, click on Authorize to save and complete.