About OAuth2's custom return values (authorize and auth token)

One of my services uses a different name for the "code" field in authentication, for example:
https://oauth.retool.com/oauth/user/oauthcallback?auth_code=c961c5c6dd2f1885cb221378cb81ee95&state=retool

Some extra fields have been added to the return value when getting the access token. Obviously I need to use these fields in the queries as well.

{
    "nonce" : "98187ecdebca4846",
    "data" : {
        "access_token" : "RRZ6+d8Y+JX2hwBtsmF9LpZwBi2gR/bBu3Wq8TmrGtYoV0FqvbnD985smoqkZ6SoV/IgP5h+Lm+pAoxuR",
        "expires" : 1606985243,
        "refresh_token" : "RZ6+d8Y+JX2hwBtsmF9LpZwBi2gR/bBu3Wq8TmrGtYoV0FqvbnD985smoqkZ6SoV/IgP5iO7r+pQoxu",
        "scopes" : [
            "VIEW_USER_INFO",
            "VIEW_VIDEO",
            "MANAGE_VIDEO"
        ],
        "open_id" : "xqGn7bYSD601jnq8xq0lCAlx5h12"
    },
    "message" : "SUCCESS",
    "code" : 0
}

How can I configure this on Retool?

Hey @vvtommy!

Retool's OAuth2 flow is built off of generally used parameters. If you want a more configurable one, you might be able to set it up using custom auth. Assuming your auth follows this flow:

you might try creating a custom auth flow with 4 steps:

  1. Use a "Redirect to SSO" step that passes the necessary information as URL parameters (e.g. your Client ID)
  2. Define a variable to store your grant code - at this point, you can reference any arbitrary value passed either in the body or URL params from your IdP
  3. Use an API request step to query your authorization server with the grant
  4. Define a variable to store your Access Token and whatever other properties you need to query your resource

Finally, you can include your access token variable in your query requests as normal 🙂

Other flows are also possible but you'd need to configure the steps accordingly. Let me know if this helps or you run into any issues!

Note: If you're using this custom auth flow, your callback URL will be different, so make sure to add it to your OAuth app!

2 Likes
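The two non-standard parts of this flow (a grant code returned as `auth_code`, and a token wrapped in a `data` envelope), as an added example that is not from the thread or from Retool. The helper names, the sample values, the reading of `expires` as an absolute Unix timestamp in seconds, and the rule that only `code: 0` with `message: "SUCCESS"` counts as success are assumptions.

```javascript
// Constructed sample inputs; none of these values come from a real provider.
const SAMPLE_CALLBACK = "https://retool.example/cb?auth_code=CONSTRUCTED_CODE&state=st-7f3a";
const SAMPLE_TOKEN_BODY = {
  data: {
    access_token: "CONSTRUCTED_ACCESS",
    expires: 1700003600,
    refresh_token: "CONSTRUCTED_REFRESH",
    scopes: ["VIEW_USER_INFO", "VIEW_VIDEO"],
    open_id: "constructed-open-id",
  },
  message: "SUCCESS",
  code: 0,
};

// Hypothetical helper: read the grant code from the callback URL. The provider
// in this thread names the parameter `auth_code` instead of `code`.
function parseCallback(callbackUrl, expectedState, codeParam = "auth_code") {
  const params = new URL(callbackUrl).searchParams;
  // A callback whose state differs from the one sent out is not ours to redeem.
  if (params.get("state") !== expectedState) throw new Error("state mismatch");
  const code = params.get(codeParam);
  if (!code) throw new Error(`callback has no ${codeParam} parameter`);
  return code;
}

// Hypothetical helper: unwrap the token envelope. Assumptions: `code: 0` with
// `message: "SUCCESS"` is the only success case, and `expires` is an absolute
// Unix timestamp in seconds.
function unwrapTokenEnvelope(body, nowSeconds, requiredScopes = []) {
  if (!body || body.code !== 0 || body.message !== "SUCCESS") {
    throw new Error(`token endpoint reported failure (code ${body && body.code})`);
  }
  const d = body.data;
  if (!d || typeof d.access_token !== "string" || !d.access_token) {
    throw new Error("envelope has no data.access_token");
  }
  if (!Number.isFinite(d.expires) || d.expires <= nowSeconds) {
    throw new Error("token is already expired");
  }
  const granted = Array.isArray(d.scopes) ? d.scopes : [];
  const missing = requiredScopes.filter((s) => !granted.includes(s));
  if (missing.length > 0) throw new Error(`missing scopes: ${missing.join(", ")}`);
  return {
    accessToken: d.access_token,
    refreshToken: d.refresh_token,
    openId: d.open_id,
    scopes: granted,
    expiresInSeconds: d.expires - nowSeconds,
  };
}
```

The error messages deliberately leave out the token and code values so they do not end up in logs.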

Any idea how to integrate Microsoft Graph and get the user to be able to accept the permission request? My integration works for me if I test the resource, but if a user logs in they don't get prompted to give access to the Microsoft Graph API.

@Kabirdas hey man,

So my auth provider sends the code with the callback URL after OAuth2 success. I need this code for a further query, basically getting the refresh token. How can I achieve it?

Your comment says "1. Define a variable to store your grant code - at this point, you can reference any arbitrary value passed either in the body or URL params from your IdP". How can we catch the values of URL params? http1.url?

Hey @mpmohi!

It depends a bit on your endpoint but I would expect it to be in redirect1.urlparams. If you set up your custom auth flow to the point where you have the Redirect to SSO step defined, then save it and click "Test auth workflow" you should see a JSON representation of all the variables you have access to:

The above screenshot is incomplete, but hopefully it gives you an idea. I would check that to see if you can find the code somewhere under redirect1. You might end up referencing something like {{ redirect1.urlparams.code }}.

Let me know if that works!

1 Like

Thanks.