Many external REST APIs use OAuth2 for authentication. This article describes how Gen's Toolset and Runtimes are used to natively manage this authentication method for the Call REST statement.
In this article we will show you how easy it is to use Gen’s native support for OAuth2 authentication when consuming (calling out to) REST APIs from Gen applications.
The OAuth2 authentication process is really just an additional REST API call. The Gen runtime first calls the authentication server to retrieve the token and then calls the actual API to execute the desired functionality. To simplify development, Gen allows for the inclusion of OAuth2 properties when a REST call is defined. This allows users to perform the entire authorization and execution sequence in one statement, using the specification that OpenAPI defines by default. Figure 1 shows the parameters Gen provides when an API call uses OAuth2.
The client id and client secret are provided when you register with the authentication provider. The token endpoint provides Gen with a token that is passed to the REST API to indicate whether you have permission to use the function you are requesting. Some sites have finer-grained permissions and use scope information. Scopes work much like grants in a database: a user may have permission to read data, but not to write. Generally, if your scope does not match the permissions for the API call, your application will receive a 403 (Forbidden) response from the remote server.
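The two-step sequence described above, written out as the HTTP requests involved. This is an added example, not Gen's runtime code or anything taken from the Gen documentation: it assumes the OAuth2 client credentials grant with the client id and secret sent as HTTP Basic credentials, and every function name, URL and value in it is hypothetical.

```python
import base64
import json
from urllib.parse import urlencode, urlsplit
from urllib.request import Request


def build_token_request(token_endpoint, client_id, client_secret, scopes=()):
    """Step 1: ask the token endpoint for an access token."""
    # The client secret travels in this request, so refuse cleartext HTTP.
    if urlsplit(token_endpoint).scheme != "https":
        raise ValueError("token endpoint must be https")
    form = {"grant_type": "client_credentials"}  # assumed grant type
    if scopes:
        form["scope"] = " ".join(scopes)  # scopes are space-delimited
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return Request(
        token_endpoint,
        data=urlencode(form).encode(),
        method="POST",
        headers={
            "Authorization": f"Basic {basic}",
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


def parse_token_response(body, requested_scopes=()):
    """Return (access_token, granted_scopes) from the token endpoint's JSON."""
    doc = json.loads(body)
    if doc.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    # The server may omit "scope" when it granted exactly what was requested.
    granted = set(doc["scope"].split()) if "scope" in doc else set(requested_scopes)
    return doc["access_token"], granted


def build_api_request(api_url, access_token):
    """Step 2: call the real API, presenting the token as a bearer credential."""
    return Request(api_url, headers={"Authorization": f"Bearer {access_token}"})


def missing_scopes(required, granted):
    """Scopes the call needs but the token lacks: the 403 case described above."""
    return sorted(set(required) - set(granted))
```

Comparing the granted scopes with what a call requires before sending it separates a scope problem (403) from a rejected or expired token, which a server normally reports as 401.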
REST APIs are a great way to get more value from your business applications. OAuth2 authentication ensures your sensitive data remains secure. Gen’s native support of OAuth2 simplifies the development process by enabling you to configure your authentication parameters within your Call REST statement. To learn about Gen’s natively supported security schemes, check out Gen Tech Docs: Authentication for REST API Calls.
Call REST hub article: Gen 8.6 Consuming REST APIs (Call REST) feature