Refreshable token
Here are all details about configuring Connectors to authenticate with Refreshable Tokens
Introduction
The refreshable token authentication covers authentication mechanism which work similarly to OAuth2.
However, instead of the user logging into the Connector's login page directly and passing a token back to Locoia, the user enters their API credentials directly in Locoia.
Just like with OAuth2, Locoia then receives a refresh token (based on the entered credentials) which is then used to retrieve a valid access token.
Header
The header for refreshable token is, except for the header_key
, usually configured like this:
Authentication Configuration
The below example is for snov.io.
Required parameters
authorization_request_url
authorization_request_body_template - if no template needs to be passed, pass an empty string
""
authorization_request_headers
response_access_token_path
Required parameters for different REFRESHING endpoint
refresh_request_url
refresh_request_body_template - if no template needs to be passed, pass an empty string
""
refresh_request_headers
response_refresh_token_path
Optional parameters
authorization_request_method
is optional to have the request be a GET, which is rarely the case but happens. The default is POSTrefresh_response_access_token_path
is an optional path to the access token for the refresh request. In case it's not specifiedresponse_access_token_path
will be used for the refresh request as wellresponse_access_token_path_in_header
is an optional path to the access token for the refresh request, which needs to be used, if the access token is in the header of the responseresponse_access_token_path_in_cookie
is used in order to retrieve a cookie value from the response as the access token. As there can be multiple cookies in the response, a unique string from the desired cookie needs to be specified as it's value.refresh_response_refresh_token_path
is an optional path to the access token for the refresh request. In case it's not specifiedresponse_refresh_token_path
will be used for the refresh request as well
Examples
Docuware
Docuware uses a Cookie-based authentication and additionally requires the same User-Agent
header for all requests:
In the Header configuration, the same User-Agent
needs to be specified:
Last updated