Commands to use for "OAuth" Authentication of Web Services
- HTTP Basic, HTTP Digest & OAuth 2.0 for RESTful services
- HTTP Basic for SOAP services
For authenticating services that use HTTP Basic & HTTP Digest, there is a set of 3-4 commands that can be used and the approach is straightforward. When it comes to OAuth authentication, the approach is a little more complicated and needs a wider variety of commands to support the different grant types used by the source services.
The table(s) below list the commands in ascending alphabetical order within each category, along with a brief description of the purpose of each command. By clicking on the hyperlinked command name in the table(s) below, you can review more detailed information about a specific command, including the syntax to follow when using it.
Command | Purpose |
---|---|
setClientIdForOAuth | This command is used for the OAuth authentication type. This is the unique identifier generated for the client or application that wants to use the authentication service provider. Many applications have integrated Google and Facebook as an OAuth 2.0 identity service, so all those applications have a unique ID given by Google or Facebook. |
setAccessTokenURLForOAuth | This command is used for the OAuth authentication type. It sets the URL of the provider's authentication server, which is used to exchange an authorization code for an access token. The token endpoint is used with every authorization grant except for the implicit grant type. |
setAuthorizationURLForOAuth | This command is used for the OAuth authentication type. It sets the endpoint of the API provider's authorization server. In the authorization code grant type, this endpoint is used to retrieve the authorization code, which is then used to retrieve the access token. In the implicit grant type, the access token is returned here. |
setAuthorizeLocatorForOAuth | This command is used for the OAuth authentication type, for the authorization code, authorization code with PKCE, and implicit grant types. This is the locator of the element that the user should click to approve the access. This expects that the application is already logged in and that the authorization URL redirects directly to the approve access page. |
setClientAuthenticationForOAuth | This command is used for the OAuth authentication type. It specifies whether the client ID and client secret should be sent in the body or in the Basic header. The supported value is “Basic”. This is an optional command, and the default method is to send the credentials in the body. |
setClientSecretForOAuth | This command is used for the OAuth authentication type. It is a unique passcode provided to each client based on the client ID. Together, the client ID and client secret form the unique identity of an application. |
setCodeChallengeMethodForOAuth | This command is used for the OAuth authentication type, for the authorization code with PKCE (Proof Key for Code Exchange) grant type. It specifies the algorithm to be used for generating the code challenge. The valid values are SHA-256 or Plain. This is an optional command, and the default value is plain. |
setCodeVerifierForOAuth | This command is used for the OAuth authentication type, for the authorization code with PKCE (Proof Key for Code Exchange) grant type. The code verifier is a cryptographically random string using the characters A-Z, a-z, 0-9, and the punctuation characters “-”, “.”, “_”, “~” (hyphen, period, underscore, and tilde), between 43 and 128 characters long. This is an optional command; if it is not specified, the system will auto-generate the code verifier. |
setGrantTypeForOAuth | This command is used for OAuth authentication to specify the OAuth authentication grant types to use for getting the access token. This command should be used only once. Below are valid values in the target. |
setPasswordForOAuth | This command is used in the Resource Owner Password Credentials Grant. This is the password of the resource owner for the application. |
setRedirectURLForOAuth | This command is used for the OAuth authentication type. It sets the client application callback URL to redirect to after OAuth authorization is successful. |
setRefreshTokenForOAuth | This command is used for the OAuth authentication type, for the refresh token grant type. Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token becomes invalid or expires, or to obtain additional access tokens with identical or narrower scope. |
setScopeForOAuth | This command is used for the OAuth authentication type. It sets the scope of the requested access, which might include multiple space-separated values. Scope is a mechanism in OAuth 2.0 to limit an application's access to a user's account. The specific OAuth API you’re using will define the scopes that it supports. |
setStateForOAuth | This command is used for the OAuth authentication type. State is an opaque value used by the client to maintain state between the request and the callback. The authorization server includes this value when redirecting the user-agent back to the client. The application generates a random string and includes it in the request. It should then check that the same value is returned after the user authorizes the application. This is used to prevent cross-site request forgery. |
setUserNameForOAuth | This command is used in the Resource Owner Password Credentials Grant. This is the username of the resource owner for the application. |
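
The setCodeVerifierForOAuth, setCodeChallengeMethodForOAuth and setStateForOAuth rows describe values that must follow fixed rules. The sketch below is an added example, not code from the tool this page documents: it generates and validates a code verifier, derives the code challenge as RFC 7636 defines it, and checks the returned state. All function names are hypothetical, and how the tool itself computes these values is not shown on the page.

```python
import base64
import hashlib
import hmac
import re
import secrets

# Verifier rule from the table: A-Z a-z 0-9 - . _ ~, 43 to 128 characters.
VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")


def new_code_verifier(n_bytes=32):
    """Random verifier; 32 random bytes encode to 43 URL-safe characters."""
    return secrets.token_urlsafe(n_bytes)


def is_valid_verifier(verifier):
    return VERIFIER_RE.fullmatch(verifier) is not None


def code_challenge(verifier, method="plain"):
    """Derive the code challenge for a verifier.

    Accepts the table's spellings ("SHA-256", "Plain") and the RFC 7636
    wire names ("S256", "plain"); the mapping between them is an assumption.
    """
    if not is_valid_verifier(verifier):
        raise ValueError("verifier must be 43-128 chars from A-Z a-z 0-9 - . _ ~")
    name = method.lower()
    if name == "plain":
        return verifier  # challenge is the verifier itself
    if name in ("sha-256", "s256"):
        digest = hashlib.sha256(verifier.encode("ascii")).digest()
        # base64url without '=' padding, as RFC 7636 requires
        return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    raise ValueError("unsupported code challenge method: " + method)


def new_state():
    """Unguessable per-request state value."""
    return secrets.token_urlsafe(16)


def state_matches(sent, returned):
    """Constant-time check that the callback carries the state we sent."""
    if returned is None:
        return False
    return hmac.compare_digest(sent.encode("utf-8"), returned.encode("utf-8"))
```

With the plain method the challenge equals the verifier, so anyone who can read the authorization request can also redeem the code; the SHA-256 method avoids exposing the verifier.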