Aller au contenu principal

OAuth2 Client Credentials Example

Use this example when you select OAuth2 as authentication type in DataSync and your API provider uses the client credentials. In this method, there is no interactive user sign-in and no callback. Instead, the API profile requests an access token from the token endpoint using a client ID and client secret, and DataSync uses that token to authenticate API calls.

You need to prepare and upload two scripts: GetOAuthAccessToken.rsb and employees.rsd.

Access token script

<api:script>

    <api:info title="GetOAuthAccessToken" description="Obtains the OAuth access token to be used for authentication with various APIs.">
            <output name="OAuthAccessToken" desc="The access token."/>
    </api:info>

    <api:set attr="OAuthVersion" value="2.0"/>

    <!-- Set OAuthAccessTokenURL to the URL where the request for the access token is made. -->
    <api:set attr="OAuthAccessTokenURL" value="[_connection.TokenUrl]"/>

    <!-- Set the OAuth request parameters. -->  
    <api:set attr="OAuthParam:scope" value="[_connection.Scope]" />
    <api:set attr="OAuthParam:OAuthClientId" value="[_connection.OAuthClientId]" />
    <api:set attr="OAuthParam:OAuthClientSecret" value="[_connection.OAuthClientSecret]" />
    <api:set attr="GrantType" value="CLIENT"/>

    <api:set attr="operation" value="GetOAuthAccessToken"/>
    <api:call op="utiladoCloudOAuth">
        <api:set attr="ExpiresIn" value="900" />
            <api:push/>
    </api:call>
</api:script>

Employees script

<api:script xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:api="http://apiscript.com/ns?v1">

    <api:info title="employees" desc="Returns a collection of employees." xmlns:other="http://apiscript.com/ns?v1">
        <attr name="id"                      xs:type="string" readonly="true" key="true" other:xPath="id" />
        <attr name="remoteId"                xs:type="string" readonly="true"           other:xPath="remoteId" />
        <attr name="givenName"               xs:type="string" readonly="true"           other:xPath="givenName" />
        <attr name="employeeNumber"          xs:type="string" readonly="true"           other:xPath="employeeNumber" />
        <attr name="applicableEmployment_id" xs:type="string" readonly="true"           other:xPath="applicableEmployment.id" />
        <attr name="birthDay_day"            xs:type="string" readonly="true"           other:xPath="birthDay.day" />
        <attr name="birthDay_month"          xs:type="string" readonly="true"           other:xPath="birthDay.month" />
    </api:info>

    <api:set attr="OAuthVersion" value="2.0" />
    <api:set attr="ContentType" value="application/json" />
    <api:set attr="EnablePaging" value="True"/>
    <api:set attr="RepeatElement" value="/items"/>
    <api:set attr="Header:Name#" value="Api-Version" />
    <api:set attr="Header:Value#" value="1.1" />

    <api:script method="GET">
        <api:set attr="method" value="GET" />
        <!-- Set the endpoint URL using connection properties. -->
        <api:set attr="URI" value="[_connection.ApiBaseUrl]/employees" />
        <api:call op="apisadoExecuteJSONGet">
            <api:push/>
        </api:call>
    </api:script>
</api:script>
```xml