Hi,
When I am using OAuth v2 can I make the client id and client secret be input data. Like below?
Best answer
Is it possible to set OAuth2 client_id and client_secret as input fields?
- Beginner
Best answer by Zane
You can do that, but adding them as user input fields in your auth config. But for OAuth implementation on Zapier, which uses the authorization code flow, to do so would only make sense in one circumstance: your users are self-hosting an app that uses oauth. For instance, our GitLab integration does this because one can use the SaaS instance of the product, or your can self-host it. To configure a self-hosted product, you’re going to want to collect a host url as well.
If you’re trying to collect client id and secret from a user because you’re doing a different kind of oauth flow, like, like “client credentials”, one of the other Zapier auth configs is better suited for this, the Session auth config type, for instance.
Happy to expand on that answer and help you pick the right config for your integration if that all didn’t make total sense.
This post has been closed for comments. Please create a new post if you need help or have a question about this topic.
- Zapier Staff
- Answer
You can do that, but adding them as user input fields in your auth config. But for OAuth implementation on Zapier, which uses the authorization code flow, to do so would only make sense in one circumstance: your users are self-hosting an app that uses oauth. For instance, our GitLab integration does this because one can use the SaaS instance of the product, or your can self-host it. To configure a self-hosted product, you’re going to want to collect a host url as well.
If you’re trying to collect client id and secret from a user because you’re doing a different kind of oauth flow, like, like “client credentials”, one of the other Zapier auth configs is better suited for this, the Session auth config type, for instance.
Happy to expand on that answer and help you pick the right config for your integration if that all didn’t make total sense.
Hi
So to confirm… when using the browser-based developer platform, I would enter it as follows (having already defined these fields in the Authentication Fields section):
But then further down at Step 4: Add OAuth v2 Endpoint Configuration (e.g.: Authorization URL, Access Token Request and Refresh Token Request) should these now be used as part of the process.env? Or bundle.inputData? I thought they should be now stored in {{process.env.CLIENT_ID}} and {{process.env.CLIENT_SECRET}} but it doesn’t seem to work. So I tried the below, but it did not authorise.
E.g.:
Any ideas or suggestions much appreciated! Thank you.
Kind regards,
Paul
+12- Zapier Solution Partner
Hi
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.