At the end of 2021, Webmecanik Automation will stop supporting OAuth 1. We invite you to use the OAuth 2 protocol instead. OAuth 2 was already available, and in September 2021 we released a new version of this protocol to ease its implementation for machine-to-machine usage.
Note that if you were already using OAuth2, you can now use the new OAuth 2 Client Credential protocol to manage machine-to-machine communication.
OAuth2 Credentials
Start by creating a new OAuth2 API key to replace your OAuth1 API key. See here how to create an API key.
Note that if you were already using OAuth2 and want to take advantage of the Client Credential protocol for Machine to Machine communication, you will need to create a fresh new OAuth API key.
OAuth2 Client Credentials
The Client Credentials grant is used when applications request an access token to access their own resources, not on behalf of a user. The previous standard OAuth 2 authentication required a user to validate the grant with their own credentials, so the granted access relied on that user's rights.
Access token
To create an access token, send a POST request to the oauth/v2/token endpoint using your API key, secret and the client_credentials grant type.
As explained, this access token allows you to access all your resources on the application; it is not restricted by a user's privileges.
curl --location --request POST 'https://your-automation.url/oauth/v2/token' \
    --header 'Content-Type: application/json' \
    --data-raw '{
        "grant_type": "client_credentials",
        "client_id": "",
        "client_secret": ""
    }'
Response should be:
{
    "access_token": "OTJkNTFmMjJmNDFhGHZlOTZlNjI4YjJiNjdiYjFkNWNlMjczZWU0Zjc0MzZhYWQ1MWZjOWM4YWM5OTA5YjQ3NQ",
    "expires_in": 3600,
    "token_type": "bearer",
    "scope": null
}
Authenticating the API Request
Authenticating the API request with OAuth2 is easy. Choose one of the following methods that is appropriate for the application’s needs:
- Send your access token in an Authorization: Bearer header
- Or pass it directly in the URL as a query parameter.
Authorization Header
curl --location --request GET 'https://automation.url/index_dev.php/api/contacts' \
    --header 'Authorization: Bearer OTJkNTFmMjJmNDFhGHZlOTZlNjI4YjJiNjdiYjFkNWNlMjczZWU0Zjc0MzZhYWQ1MWZjOWM4YWM5OTA5YjQ3NQ'
Access token appended to the query
curl --location --request GET 'https://automation.url/api/contacts?access_token=OTJkNTFmMjJmNDFhGHZlOTZlNjI4YjJiNjdiYjFkNWNlMjczZWU0Zjc0MzZhYWQ1MWZjOWM4YWM5OTA5YjQ3NQ'
or
curl --location --request POST 'https://automation.url/api/contacts/new?firstname=test&lastname=test&email=test@test.com&access_token=OTJkNTFmMjJmNDFhGHZlOTZlNjI4YjJiNjdiYjFkNWNlMjczZWU0Zjc0MzZhYWQ1MWZjOWM4YWM5OTA5YjQ3NQ'
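The token request and the header authentication shown above can be wrapped in a small cache that reuses the token for the expires_in lifetime returned by the endpoint. This is an added Python example, not Webmecanik's code and not part of the API library; the class name, the 60-second renewal margin and the injectable post and clock parameters are assumptions made for illustration.

```python
import json
import time
import urllib.request


def http_post_json(url, payload):
    """POST a JSON body and return the decoded JSON reply."""
    req = urllib.request.Request(
        url, data=json.dumps(payload).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class ClientCredentialsToken:
    """Caches a client_credentials token until shortly before it expires."""

    def __init__(self, base_url, client_id, client_secret,
                 post=http_post_json, clock=time.monotonic, margin=60):
        self.token_url = base_url.rstrip("/") + "/oauth/v2/token"
        self.body = {"grant_type": "client_credentials",
                     "client_id": client_id, "client_secret": client_secret}
        self.post, self.clock, self.margin = post, clock, margin
        self.token, self.expires_at = None, 0.0

    def get(self):
        """Return a valid token, requesting a new one only when needed."""
        if self.token is None or self.clock() >= self.expires_at:
            reply = self.post(self.token_url, self.body)
            if str(reply.get("token_type", "")).lower() != "bearer":
                raise ValueError("unexpected token_type in token response")
            self.token = reply["access_token"]
            # Renew `margin` seconds early so no request carries a stale token.
            self.expires_at = self.clock() + int(reply["expires_in"]) - self.margin
        return self.token

    def headers(self):
        """Header form keeps the token out of URLs and access logs."""
        return {"Authorization": "Bearer " + self.get()}


if __name__ == "__main__":
    # Constructed offline reply standing in for the real token endpoint.
    def fake_post(url, payload):
        return {"access_token": "CONSTRUCTED-TOKEN", "expires_in": 3600,
                "token_type": "bearer", "scope": None}
    auth = ClientCredentialsToken("https://your-automation.url", "id", "secret",
                                  post=fake_post)
    print(auth.headers())
```

Because this token is not restricted by any user's privileges, keep the client secret and the cached token out of source control and shared logs.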
Using API Library
First, you need to install the Webmecanik Automation API Library 3.0.0 available here, which includes support for the OAuth2 Client Credentials.
Then proceed as in this example:
<?php
// Bootup the Composer autoloader
include __DIR__ . '/vendor/autoload.php';

use Mautic\Auth\ApiAuth;

$settings = [
    'AuthMethod'   => 'TwoLeggedOAuth2',
    'clientKey'    => '',
    'clientSecret' => '',
    'baseUrl'      => '',
];
// $settings['accessToken'] = 'your stored access token';

$initAuth = new ApiAuth();
$auth     = $initAuth->newAuth($settings, $settings['AuthMethod']);

if (!isset($settings['accessToken'])) {
    // store it for one hour and use it in $settings above
    $accessToken = $auth->getAccessToken();
}

// Nothing else to do ... It's ready to use.
// Just pass the auth object to the API context you are creating.