Most Valuable Pathfinder

How to Use OAuth 2.0 with REST API

  • 6 March 2023
  • 10 replies
  • 1406 views
How to Use OAuth 2.0 with REST API
Userlevel 5
Badge +10

This is a guest post written by Tamil Arasu, Automation Anywhere MVP and RPA Developer with Fugro Netherlands. 


In this article, you will learn how to use OAuth2.0 in the REST API package with the Bearer token. 

 

Modern authentication is used to integrate/communicate between applications. As the Automation Success Platform does not currently support OAuth2.0 on the REST API package directly, let’s see how we can connect or integrate the application via OAuth2.0 using A360. By following this method, you can establish communication between various applications via OAuth2.0 using A360 REST API Package.

 

OAuth 2.0

OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices.

 

OAuth 2.0 Bearer Token Usage

A Bearer Token is an opaque string, not intended to have any meaning to clients using it. Some servers will issue tokens that are a short string of hexadecimal characters, while others may use structured tokens such as JSON Web Tokens.

 

Let's explore the steps in the Automation Success Platform - 

 

Follow the below steps to generate the token - 

 

 

 

 

 

 

 

 

 

 

 

Mandatory Parameter Values are: 

Client ID

Client Secret

Grant Type

Scope

Client Authentication

Note:  Scope and Client Authentication may vary according to the application 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Note: Depending on the application, the parameters may differ. However, most of the settings are used in the Enterprise Applications such as Microsoft Dynamics, IFS, Oracle ERP, and other ERP Tools etc.

Below screenshot shows the Bot Editor view.

 

 

 

 

 

 

 

 

 

 

The token will appear in the message box. Once you get the token, store this value into a variable. You will be able to pass the token value as shown below. To use bearer token, you can add the Header Prefix bearer keyword to authorize an application.
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Following the above steps, you can use GET, POST,PUT, PATCH, DELETE actions and communicate between applications.

Is it possible to send attachments? Yes, it’s possible. To do that, choose the content type as multipart/form-data, and attach the file path.

 

 

 

 

 

 

In the screen below, custom headers may vary according to the application.

 

 

 

 

 

 

 

 

 

To give an example, for connecting CRM Dynamics, we can use it as shown below.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

We will receive the response message which contains the access token. Once we get the token, use the token in custom header section and retrieve the data from the CRM.

 

 

 

 

 

 

 

 

 

 

 

OAuth 2.0 authentication is the first step needed to work with a lot of Enterprise applications and this solution will help you meet the authentication requirements needed to login and interact with these applications.

 


 

If you have an idea for a blog post or tutorial that would benefit the Pathfinder Community reach out to developer@automationanywhere.com.


10 replies

Badge

Great post, it really helped… my only question is how did you pass the token to a variable

Userlevel 5
Badge +10

Hi @Tony 4522 ,

Once the token is generated, use the string operations to split and get the token value and assign to the string variable. The token assigned variable used in further API calls.

Badge

is there a way to get the response headers to get the Api calls Success or failure off its code 

 

eg.

200=ok

400=failure

Badge

is there a way to get the response Status to get the Api calls Success or failure off its code 

 

eg.

200=ok

400=failure

 

Badge +5

Hi Tamil,

I’m using multipart / form data in post method to pass a pdf file as input.. But getting the below error

 

Userlevel 5
Badge +10

 

Please see the above screen, you have to pass content type like a above.

Badge +5

Thanks @Tamil Arasu10 . It worked!

Userlevel 5
Badge +10

That’s great. Thanks for the heads up. @IK55 

Badge +5

@Tamil Arasu10  Now, i’m stuck with a strange issue.. I’m getting the operation location from Post method output and passing that dictionary variable to GET URI. When its passed as variable, its only returning Status, createdDatetTime in body but not the entire body. When I pass the URI manually, its returning the expected output. Any idea how to handle this?

 

 

Badge +5

Could anyone guide me on this pls?

Reply