06-20-2024 01:47 PM - edited 06-20-2024 01:48 PM
I'm building an integration that uses an OAuth 2.0 endpoint to return an access token for a 3rd-Party REST API service. I'm unlikely to be able to get a client-credentials grant for machine-to-machine RSET interactions (which would be ideal, so I have to proceed this way). It's Xero (don't ask....)
The authentication endpoint uses a user/password followed by 2FA challenge in order to allow the API scope to be set, and an access token (and refresh token) to be returned to a redirect URL.
I can do this easily in PostMan because PostMan - whilst not having a valid redirect URL - can intercept the request and extract the information in the URL/response Headers sufficiently for them to be used in subsequent API Requests.
I'd rather not do this in PostMan going forward, and I'd like to handle the login/challenge in a Web Component in a Dashboard.
I can get as far as opening the login Web Page, completing the 2FA challenge and then authorising the scope of source Entities, BUT when I hit OK to return the access token (a JWT response), since there is no vaild redirect URL I can point to in the OneStream environment then I cannot get the JWT back within OneStream.
My questions therefore are:
Thanks
Steve