Question

Issue with OAuth2 Access Token Authorization

  • 23 November 2020
  • 7 replies
  • 125 views

Userlevel 1

I’m trying to setup authorization for a private app that I am working on integrating into our workflow. The organization has provided me with the API documentation, and I can get the authorization and connection to work within Postman, but can’t get the authorization to work within the Zapier Platform UI when using the Oauth2 method. I can get it to work through the Basic Auth method, but of course the access_token expires and I’m constantly having to reconnect. I have posted the API documentation to my Zoho Workdrive at the link below. 

 

https://workdrive.zohoexternal.com/external/3MC15kf9NqV-L9Rvf

 

The API seems to be pretty straight forward, like I said I have gotten it to work in Postman, but I have the same issue of course with the access_token expiring. I have the application credentials, but what I’m not sure about when using the Oauth2 method is that I’m not sure what the Authorization URL is, the system I’m trying to connect to seems to use the “POST” method rather than “GET”, and when I change the method to “POST” I continue to get an error message. If I keep it at the “GET” method listed and use the same credentials I’m using in Postman, I get the following return message: 

 

"reason": "Full authentication is required to access this resource",

    "status": 401

 

I wasn’t sure if someone could possibly give me some assistance or maybe point me in the right direction. 


7 replies

Userlevel 7
Badge +10

Hi @lutzjs 

I’m moving this to “Developer Discussion” as it will get more attention there.

Also, @ikbelkirasan may be able to help with this.

Userlevel 7
Badge +10

Hi @lutzjs - It seems that the API you’re working with supports the 2-legged OAuth2 using client_credentials grant type. However, Zapier’s OAuth2 authentication method supports the authorization_code grant type which I’m not sure whether it’s supported by your API.

Anyway, assuming that the API only supports client_credentials flow, you should use the Session authentication in Zapier instead of OAuth2. Your integration should ask the user to enter their Client ID and Client Secret keys then in your app, use those credentials to get an access token by sending a POST request to https://api.proctorfree.com/oauth/token as documented in page 10.

You might want to take a look at the Session Auth documentation page as well: https://platform.zapier.com/docs/session

I hope this is helpful to you!

 

Userlevel 7
Badge +10

Hi @lutzjs - Just checking in to see if the answer above was helpful to you? Let me know. Thanks!

Userlevel 1

I thought that I got it to work, and I can get everything to authenticate within the developer platform, however when I go to Zapier and try to setup a zap, each time I think I’ve connected, I end up receiving an email from Zapier stating that they encountered an “authentication” problem and I need to reconnect. 

Each time I try reconnecting I continue to get the same email from Zapier. So I’m not sure what is happening. 

Userlevel 1

My bad, I think I’ve got it working now. I didn’t realize that I needed to modify all of my URL API headers for each call, I thought it pulled over the headers from the test in the authentication piece. So I’m still moving along, I’ll see if I run into some additional issues or not. 

Userlevel 7
Badge +10

That’s great news! Let’s us know if there’s any other issue.

Userlevel 3
Badge +4

@ikbelkirasan When I have encountered tis issue “reason": "Full authentication is required to access this resource  status: 401” I find that adding an Authorization Header with Basic Auth clears this up...I have seen lot;s of documentation forgetting this so fairly common.  

User the Client_ID as the username and Client_secret as the password. Also it needs to be 64bit encrypted/

Reply