/
REST OAuth2 Account

REST OAuth2 Account

In this article

Overview

You can use this account type to connect REST Snaps with data sources that use OAuth2 authenticationWhen choosing between different authentication options for a REST API, we recommend you use the REST OAuth2 account instead of the REST In-memory OAuth2 account because of the flexibility and security features OAuth2 offers. Learn more about the differences between the REST In-memory OAuth2 Account Vs. REST OAuth2 Account.

Prerequisites

A valid Client ID, Client secret, OAuth2 endpoint, and OAuth2 token.

Limitations

None.

Account Settings

Field NameField TypeDescription
Label*String

Specify the name for the account. We recommend that you update the account name if there is more than one account of the same account type in your project.

Default Value: N/A
ExampleREST OAuth2 Account

Client ID*String

Specify the client ID associated with your account. You can create the client ID as advised by your application provider. An example and its meaning can be found here.

Default Value: N/A
Examplep364e45x-953x-460p-9pb0-934xep16p693

Client secret*String

 The client secret associated with your account. You can create the client secret as advised by your application provider. An example and its meaning can be found here.

Default Value: N/A
Example<Encrypted>

Access tokenString

Auto-generated after authorization. Specify the token that SnapLogic uses to make API requests on behalf of the user associated with the client ID.

Default Value: N/A
Example<Encrypted>

Refresh tokenString

Auto-generated after authorization. Specify the refresh token associated with your account. If the refresh token is stored, then the access token can be refreshed automatically before it expires.

You should retrieve the Refresh token when setting up the account for the endpoint, where the OAuth2 flow is executed and the resulting refresh token is stored in this field. If the refresh token is stored, then the access token can be refreshed automatically before it expires. 

Users who run Pipelines with REST Snaps using OAuth2 authentication should have read/write/execute permissions. If the user has only Execute permissions, a refresh of the OAuth2 token might prompt the user's credentials. For a workaround, you can give the user running the Pipeline Write access to the Assets referenced in the Pipeline.

In some REST endpoints, such as Google and Microsoft, the refresh token is not returned by the default parameters/scopes. For example, in an endpoint such as Google, to get the refresh token you need to set access_type=offline and prompt=consent.

Default Value: N/A
Example<Encrypted>

Access token expirationInteger

Auto-generated after authorization. Specify the access token expiration value, in seconds.

Default ValueCurrent Time + 3600 seconds
Example10000s

Header authenticated

Checkbox

Select this checkbox to indicate that the endpoint uses bearer header authentication.

Default Value: Deselected

OAuth2 Endpoint*

String

Specify the URL of the endpoint that authorizes the application. 

Default Value: N/A
Examplehttps://login.microsoftonline.com/common/oauth2/v2.0/authorize