Visual Builder

Get Involved. Join the Conversation.

Topic

    Vinod Kumar Kv
    Salesforce rest OAUTH2 call from VBCS
    Topic posted December 8, 2018 by Vinod Kumar KvBronze Medal: 1,250+ Points, tagged REST 
    344 Views, 39 Comments
    Title:
    Salesforce rest OAUTH2 call from VBCS
    Summary:
    Salesforce rest OAUTH2 call from VBCS
    Content:

    Hello,

    We are trying to access datat from salesforce using oauth2 rest API authentication using VBCS services. We have created a connected app in salesforce and it working fine in postman. Same oauth2 request is not working in VBCS. Detailed screenshots of POSTMAN and VBCS setup are attached below.

    Please let us know how to make sales force OAuth2 API call from VBCS.

    Thanks

    Version:
    Version: 18.4.1
    Image:

    Comment

    • Aparna Gaonkar

      What is the kind of OAuth grant type you need to use?  VBCS Service Connections can support OAuth 2.0 resource owner password and OAuth 2.0 Client credentials.  

    • Mohana Gopal Selvam

      Hi Aparna,

      Please find the screenshot of GetToken Method, where I passed header values and there is no authentication for this method.

    • Mohana Gopal Selvam

      I get the token value from the above request, and passed the token in Bearer Token - authorization type to get the value from another method. Find the screenshot.

    • Aparna Gaonkar

      Hi Mohan, I see that for getting the OAuth token you are passing all attributes (grant_type, username, password, client id , client secret) as query parameters in the POST request.  This is not recommended in the OAuth 2.0 RFC, and in general also POST shouldnt have query parameters.  You should try to send them as URL encoded form parameters.  In POSTMAN you can choose this as given in the screenshot

    • Aparna Gaonkar

      Also the grant that you have attached screenshot for is supported for Visual Builder (but not via query params as you have shown in POSTMAN).  In Service Connections you can choose Authentication -> OAuth 2.0 Resource Owner Password (see screenshot), and it asks the same information that you have passed to the OAuth endpoint.  You should try to connect to your OAuth bearer token endpoint via form url encoded params as mentioned above

    • Mohana Gopal Selvam

      Hi Aparna,

      Thanks for your response.

      As I mentioned before, I have used 2 methods. 1. GetToken 2. GetValue

      GetToken is working in postman as per your screenshot. How to achieve this in VBCS?

      1. I have provided the Service

      2. Authentication - None (Use Proxy)

      3. What needs to be provided in Body Sample section?

      Thanks,

      Mohan

       

    • Aparna Gaonkar

      Mohan, what I can understand is that you have two endpoints :

      1) GetToken - which is your OAuth 2.0 token endpoint, gets the OAuth token, has inputs username, password, grant type, client id/secret etc, and gives you access_token in the response payload

      2) GetValue (correct?)  - which is the actual endpoint which gives you data if you pass "Authorization : Bearer <access_token>" got from 1).  Let's say this is https://myservice.com/getdata

      The way to achieve this in VBCS is to Define a Service Connection to "GetValue" (https://myservice.com/getdata) , then configure Authentication from the dropdown as "Resource Owner OAuth 2.0"  and give the necessary attributes like username, password, client id/secret etc.  You dont define GetToken as it is intrinsically supported as an Authentication mechanism in the dropdown.

       

    • Mohana Gopal Selvam

      Hi Aparna,

      What you have understood is correct for the 2 points.

      You meant to say we no need to call the GetToken method explicitly. GetValue method will call it internally?

      Where we need to define the grant_type in 'Resource Owner OAuth 2.0'?

      Thanks,

      Mohan

       

      • Aparna Gaonkar

        Correct, the Service Connection of GetValue will look at the authentication "Resource Owner OAuth 2.0" and call the token endpoint automatically with the parms you have given.  There is no need for grant type as "Resource Owner OAuth 2.0" maps to grant_type = password

    • Mohana Gopal Selvam

      Hi Aparna,

      I got the below error when I click Test in VBCS.

      {
          "type": "HTTP://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
          "status": 400,
          "title": "Bad Request",
          "detail": "{\"type\":\"abcs://proxy_problem/oauth/auth_token_error\",\"title\":\"OAuth token resource returned an error\",\"detail\":\"The request contains invalid parameters or values.\",\"status\":400,\"o:vbcs-token-response\":{\"error_description\":\"The request contains invalid parameters or values.\",\"error\":\"invalid_request\"}}"
      }

      • Aparna Gaonkar

        Please paste the screenshot of the Service Connection Authentication tab and also the POSTMAN request (with form url encoded paramters) of GetToken to compare

    • Mohana Gopal Selvam

      Please find the screenshot.

      • Aparna Gaonkar

        Hi, I see the following empty - password, which should be the password of the demo-api user.  and the Token URL .  This would be the same as the URL you were using for GetToken

        • Aparna Gaonkar

          Also instead of trying a POST request first, I would recommend you try with a simple GET request first to see that the authentication is working fine.

    • Mohana Gopal Selvam

      Hi Aparna,

      I have provided the Token URL. Got the below error for both Get & POST method.

      {
          "type": "HTTP://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
          "status": 400,
          "title": "Bad Request",
          "detail": "{\"type\":\"abcs://proxy_auth_problem/generic_error\",\"title\":\"Authentication Error\",\"detail\":\"Error while authenticating request caused by Connect to xx.xx.xx.xx:443 [/xx.xx.xx.xx] failed: connect timed out\",\"status\":400}"
      }

       

       

    • Mohana Gopal Selvam

      Hi Aparna,

      We have got the OIC IPs from Oracle Support and provided to customer to whitelist. I will check with customer again for the IP whitelisting. 

      Thanks for support. I will update once I get anything from the customer.

      Thanks,

      Mohan

    • Mohana Gopal Selvam

      Hi Aparna,

      I have another API which doesnt have Client Id & Client Secret. How to achieve it in VBCS? I got the below error when I test my API. Please find the configuration screenshot. 

      {
          "type": "HTTP://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
          "status": 400,
          "title": "Bad Request",
          "detail": "{\"type\":\"abcs://proxy_problem/oauth/client\",\"title\":\"Missing OAuth Value\",\"detail\":\"Missing client_id and client_secret for third party server\",\"status\":400}"
      }

    • Mohana Gopal Selvam

      I can create connection using the above API in ICS as per below blog, but I couldnt configure in VBCS as per your comments. 

      https://blogs.oracle.com/adapters/integrate-ics-with-a-third-party-oauth-protected-rest-service-using-the-generic-rest-adapter-part-1

      I am trying this in OIC. 

      Thanks,

      Mohan