Oauth2: Get Token

Owned by Former user (Deleted)
Last updated: May 15, 2024 by Stonebranch (Deactivated)
3 min read

Disclaimer

Your use of this download is governed by Stonebranch’s Terms of Use, which are available at https://www.stonebranch.com/integration-hub/Terms-and-Privacy/Terms-of-Use/

Overview

The Oauth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either:

  • On behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service,
  • By allowing the third-party application to obtain access on its own behalf.

With Universal Automation Center, you can obtain Oauth2 access tokens that can be used to authorize UAC tasks.

Key Features

This Universal Extension provides the following main features:

  • Support to obtain Oauth2 Access token for "Resource Owner Password Credentials" (aka "Password Credentials") or "Client Credentials" Grant Types . More information about the supported Grant Types can be found here: Resource Owner Password Credentials Grant , Client Credentials Grant.

  • Support for authorization scopes.

  • Support to use the Client Credentials in the request Body or as Basic Authentication Header.

Software Requirements

This integration requires a Universal Agent and a Python runtime to execute the Universal Task.

Software Requirements for Universal Template and Universal Task

Requires Python 3.7.0 or higher. Tested with the Universal Agent bundled Python distribution.

Software Requirements for Universal Agent

Both Windows and Linux agents are supported:

  • Universal Agent for Windows x64 Version 7.0.0.0 and later with python options installed.

  • Universal Agent for Linux Version 7.0.0.0 and later with python options installed.

Software Requirements for Universal Controller

Universal Controller Version 7.0.0.0 and later.

Network and Connectivity Requirements

Universal Agent needs to have network access to Access Token URL

Import Universal Template

To use the Universal Template, you first must perform the following steps:

  1. This Universal Task requires the Resolvable Credentials feature. Check that the Resolvable Credentials Permitted system property has been set to true.
  2. Download the provided ZIP file.
  3. In the Universal Controller UI, select Configuration > Universal Templates to display the current list of Universal Templates.
  4. Click Import Template.

  5. Select the template ZIP file and Import.

When the template has been imported successfully, the Universal Template will appear on the list, refresh your Navigation Tree to see these tasks in the Automation Center Menu.

Configure Universal Task

For the new Universal Task type, create a new task, and enter the task-specific details that were created in the Universal Template

Input Fields

The input fields for this Universal Extension are described below.


Field

Input type

Default value

Type

Description

Action

Required

Get Access Token

Choice

"Get Access Token": The action that gets an access token from the Server.

Grant Type

Required

Password Credentials

Choice

The OAuth 2.0 Grant Type used to get the token. Supported Grant Types are:

  • Password Credentials

  • Client Credentials

Access Token URL

Required

-

Text

The endpoint for authentication server. It is used to exchange the Client Credentials (and the Resource Owner Credentials in the case of "Password Credentials" Grant Type) for an access token.

Client Credentials

Required

-

Credentials

Client credentials are comprised of:

  • client id : The client identifier issued to the client during Application registration process.

  • client secret : The client secret issued to the client during Application registration process.

Resource Owner Credentials

Required

-

Credentials

Required only for Grant Type "Password Credentials". The Resource Owner Credentials are comprised of:

  • username

  • password

Scope

Optional

-

Text

A space-separated list of scopes of the request.

Client Authentication

Required

Sent in Body

Choice

Controls whether the client credentials are sent in the request body or as a basic authentication header:

  • Send as Basic Auth Header.

  • Send client credentials in Body.

Task Examples

Follow the steps below to create a OAuth2 Authentication Token Task using "Password Credentials" Grant Type.

The same process can be followed for "Client Credentials" Grant Type (in this case Resource Owner Credentials are not required).

  1. Give the task a name (for example, sample-1-task-1).

  2. Select an active agent of version 7.0.0.0 or higher for the task to run on.

  3. Select the action.

  4. Select the Grant Type.

  5. Fill the Access Token URL field.

  6. Set your Client Credentials.

    Example of Client Credentials:




  7. Set your Resource Owner Credentials.

    Example of Resource Owner Credentials:



  8. Fill the scope.

  9. Select the client authentication method.

    Example of Get Access Token Action:



Output Fields

The output fields for this Universal Extension are described below.

Field

Type

Description

Access Token

Large Text

The access token in the case of successful execution.

Although it is an output field, it is hidden by default. UAC tasks that require the generated access token for authorization purposes can reference the variable ops_oauth_token_access_token of the respective Oauth Token task instance

Exit Codes

The exit codes for this Universal Extension are described below.

Exit Code

Description

0

access token is retrieved successfully

1

there was an error during execution of Universal Extension

Document References

This document references the following documents:

Name

Description

Universal Templates

User documentation for creating Universal Templates in the Universal Controller user interface.

Universal Tasks

User documentation for creating Universal Tasks in the Universal Controller user interface.

Credentials

User Documentation for Credentials Details Field Description.