11-18-2020 02:18 AM
Hi,
I'm a developer and trying to make a toolbox to the automation software UiPath. It's peraty easy to make the activitys in general, but when it comes to the Authentication part is't a litle deficient.
When I look at the Hyland REST API Portal there are no examels on how. There are only a note that it's a http bearer method, and the method is fine but how to get the bearer key?
I hope there are some one here there are smartre then me. I can't find the way to get the key 🙂
In advance thanks for your help!
11-18-2020 06:41 AM
Heine,
In order to generate a bearer token you need to call the https://localhost/identityprovider/connect/token endpoint.
In the body, you need to pass the grant_type that is being used from IdP, the client_id, tenant, scope, and authentication credentials.
NOTE: For the longest time we didn't know we had to pass scope which by default is equal to evolution.
11-18-2020 06:41 AM
Heine,
In order to generate a bearer token you need to call the https://localhost/identityprovider/connect/token endpoint.
In the body, you need to pass the grant_type that is being used from IdP, the client_id, tenant, scope, and authentication credentials.
NOTE: For the longest time we didn't know we had to pass scope which by default is equal to evolution.
04-01-2021 05:46 AM
Any advice would be appreciated. The documentation is painfully lacking.
I keep receiving this return.
{
"error": "invalid_request"
}
These are the values I'm using in the body of a POST request.
{
"grant_type": "password",
"username": "some_user",
"password": "some_password",
"scope": "evolution",
"client_id": "some_id",
"client_secret": "some_secret",
"tenant": "some_tenant"
}
04-01-2021 08:39 AM
Hi Darren.
Looks that you are incorrectly posting the values to the Hyland IDP. Specifically the application/x-www-form-urlencoded Content Type. Here is the RFC specific to making the Access Token request.
https://tools.ietf.org/html/rfc6749#section-4.3.2
Take care.
04-01-2021 09:31 AM
If I make the content-type application/x-www-form-urlencoded then I get "invalid_client". What should my request body look like? I'm following the TechQuestREST sample and it seems to be making a POST request just like I described above. Please clarify.
Here's part of the GetAccessToken() method in that sample app.
string accessToken = null;
using (HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, new Uri(IdpClient.BaseAddress.ToString(), UriKind.RelativeOrAbsolute)))
{
request.Headers.Add("Accept", "application/json");
string requestBody = $"grant_type={properties.GrantType}&username={properties.Username}&password={properties.Password}&scope={properties.Scope}&" +
$"client_id={properties.ClientID}&client_secret={properties.ClientSecret}&tenant={properties.Tenant}";
request.Content = new StringContent(requestBody, Encoding.UTF8, "application/json");
request.Content.Headers.ContentType = new MediaTypeHeaderValue("application/x-www-form-urlencoded");
try
{
using (HttpResponseMessage response = IdpClient.SendAsync(request).Result)
{
// fails here with "{ "error": "invalid_request" }"
string responseBody = response?.Content?.ReadAsStringAsync().Result;
accessToken = JObject.Parse(responseBody)["access_token"]?.ToString();
}
}
catch (Exception ex)
{
throw new InvalidOperationException("Could not get response from IDP", ex);
}
Update
I'm able to authenticate via Postman and Insomnia now using "Form URL Encoded" in Insomnia or "x-www-form-urlencoded" in Postman. Now, I just need to translate that to C# code since, it seems clear, that the TechQuestREST sample app doesn't do that. Any tips?
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.