oAuth2 Authentication

OAuth2 is an authorization flow enabling applications to obtain limited access to user accounts, without communicates any private information or password. Workflow Manager provides a unified interface to connect on various platforms:

Google Drive.
YouTube.
Vimeo.
Twitter.
DropBox.
Microsoft OneDrive.

OAuth2 Flow description:

You (workflow manager) generate an authorization URL. You communicate this URL to your customer:

Customer has to connect to his account with a browser, and grand access to your application.
Platform will redirect the browser and display an activation code.
Customer bring you back this activation code.
Finally, you setup the authenticate token in Workflow manager.

To enable authentication over oAuth2, you have to create an application on the desired platform and retrieve a CLIENT_ID and CLIENT_SECRET.

Generating new authorization request

new_authorization

Once you have filled the Client Id and Client Secret fields, and clicked the new_authorization_button button, a new Authorization request field appears.

new_authorization_request

Copy the field content, communicate it to your customer, or open it with a web browser. It will display the access dialog specific for each platform, and ask to allow the application (Workflow manager) some access to this user account.

When grants are accorded to Workflow Manager application, the platform will redirect the browser, and display an activation code. Copy or ask to your customer to bring you back this activation code.

NB:
activation code has a limited time life, depending of the target platform.

Just click the set_activation_button button to display activation dialog.

activation_code

Enter the provided activation code in corresponding field, and click the Process button. As final step, Workflow manager will contact the platform and exchange this activation code with an Authentication token. This Authentication token will be used at execution time to perform operation on platform user account, as read or write file content.

activation_code

A new Actual authorization field and a test_validity_button button appear, confirming a successful exchange. This token will be active as long as workflow manager is registered to the user account, or a new grant flow is processed.

NB:
Grants to Workflow manager can be revoked at any time by the user account, generating access error at runtime.

If you are not sure of the validity of a token, press set_activation_button . Workflow manager will contact the platform to perform test operation. If test is successful, following dialog is displayed.

In case of invalid token, an error dialog appears.

oauth_report