OAuth 2.0 for REST Calls in ITPAM
Article ID: 214377
Updated On:
Products
Issue/Introduction
We have a requirement where we need to execute some REST calls with Authorization type as OAuth 2.0. How can this be done through ITPAM?
Environment
Release : 4.3
Component : IT Process Automation
Resolution
As with most Automation tools, there is usually more than one way to do something. This article will offer two methods.
Per the OAuth2.0 Specification/RFC (RFC 6749), the client_id must be encoded using the application/x-www-form-urlencoded algorithm.
SOLUTION 1
This solution uses the HTTP Post Form. This is the recommended solution as it offers a way to more clearly read/track the key values as shown below - using the HTTP Post Form Information -> Form Fields. It should not require anything additional (for example, headers to specify Content-Type = application/x-www-form-urlencoded).
SOLUTION 2
It is possible to use the HTTP Post operator. However, it involves a little more effort than using the HTTP Post Form. To use the HTTP Post operator you will need to:
- Group together all of the form's key/values and separate them using an ampersand character and add this to the HTTP Post Information -> Content input field - as seen in figure 2 below.
- Add the "Content-Type = application/x-www-form-urlencoded" HTTP Headers Information -> HTTP Headers table - as seen in figure 3 below.
Figure 2
Figure 3
Additional Information
Once your operator is working successfully, one way to use the access_token returned in other operators is to setup the HTTP Post Form's post-execution script to capture the result and add it to a Process variable. For example:
var response=Process[OpName].HTTPResponseContent;
var token = JSON.parse(response);
Process.access_token=token.access_token;
Please see here for more information on Operator Dataset Variables
Please see here for more information on HTTP Post Form Operator
Attachments
Feedback
