Additional HTTP Security using OAuth
- Gnatta
- David Oliver (Deactivated)
This article will show you how to set up and manage OAuth credentials to be used in HTTP requests sent from Workflow.
This provides additional security to external requests made from workflow by retrieving an access token from your authentication provider and ensuring requests are validated.
Please note that Signing Keys cannot be used in conjunction with OAuth Credentials.
Workflow OAuth Setup
First, you will need to navigate the Configuration menu, found in the top right of the screen. Once the menu appears, click HTTP.
Here you will then see a Workflow OAuth tab as below:
Select the Add button and a segment will appear for you to create and input your OAuth details.
The Display Name is a name for selection purposes within Gnatta. The remaining details (Token Endpoint, Client Id, Client Secret) should be obtained from your Authorisation Provider.
Once saved you will see your new OAuth Credentials appear in the Workflow OAuth list.
You can select the credentials from here and update the details if needed. Please note that the Client Secret will only display a 4 character hint (after the initial creation).
Using Workflow OAuth with HTTP Requests
When configuring a HTTP Request Node within Workflow, (See the HTTP Node Basics article) you will now see the option to select OAuth Credentials to be used.
Select the credentials you wish to use, then ensure the node has been saved and workflow has been published.
Now each time this HTTP Request Node is fired during a workflow, a request will be made (using the details you provided) to request an access token so that it can securely communicate with the URL/Endpoint/Service set within the node.