Question
Accenture
GB
Last activity: 11 Feb 2022 10:40 EST
help with configuring rest connector to use OAuth 2.0 and client credentials flow
The requirement is to access an external web service which authenticates using OAuth 2.0 client credentials flow. Ive attempted to configure it in Pega 7.3.1 by creating this OAuth 2.0 provider
which is used by my Auth profile
which i have used in my rest connector
this is how ive set up my request header
but i know it needs to have Authorization: "Bearer xxxxxxx"
Does the provider automatically get the access token when i used the connector and if so, where does it go and how to i map it into the header as a bearer token. I have set it up in Postman using OAuth 2.0 as the authorization and it works fine with those endpoints
The error i am getting at the moment is
The requirement is to access an external web service which authenticates using OAuth 2.0 client credentials flow. Ive attempted to configure it in Pega 7.3.1 by creating this OAuth 2.0 provider
which is used by my Auth profile
which i have used in my rest connector
this is how ive set up my request header
but i know it needs to have Authorization: "Bearer xxxxxxx"
Does the provider automatically get the access token when i used the connector and if so, where does it go and how to i map it into the header as a bearer token. I have set it up in Postman using OAuth 2.0 as the authorization and it works fine with those endpoints
The error i am getting at the moment is
| Fail: Authentication parameters incorrect |
Infomatics Corp
US
@matthewk2081 Based on the screen shot you shared you are sending Client Credentials inside the body. Can you try that as Authorization Header. Aslo enable the Rest Logger to see the complete request with Headers.
com.pega.pegarules.integration.engine.internal.connect.rest.RESTConnector
com.pega.pegarules.integration.engine.internal.connect.http.HTTPClientUtils
com.pega.platform.integrationcore.client.http.internal.ComponentsHttpClient
Rule_Obj_Activity.Invoke.Rule_Connect_REST.Action
Accenture
GB
@Abhilash_K Thanks very much for your response. I can see the only header being set is
Setting header "Content-Type" to value "application/json
I changed the OAuth 2.0 provider to send the client credentials as Authorization header and it hasnt made any difference.
Am I wrong in thinking that the provider will get the token and attach it to the request of whatever connector is configured with an auth profile that is using the provider? Or does it need further configuration?
There is no mention in the logging/trace of the Access token endpoint being accessed. Where will the token be stored?