Progress DataDirect Autonomous REST Connector for ODBC User's Guide Release 8.0.1

OAuth 2.0 authentication

Save PDF

OAuth 2.0 authentication

Save PDF

Last Updated: June 7, 2023
1 minute read

DataDirect Connectors
ODBC
Autonomous Rest Connector 8.0
Documentation

The Model file supports a set of entries that can be used for OAuth 2.0 authentication. As opposed to specifying these values in a connection string or data source, using a Model file allows you to centrally configure and manage certain OAuth 2.0 settings for all connections using that file.

Note: The OAuth 2.0 authentication entries described in this section are mutually exclusive from #authentication entry, which is used for custom authentication flows.

The following demonstrates the syntax used for specifying OAuth 2.0 settings in the Model file. Note that different authentication flows, or grant types, require a different set of credentials and authentication locations to successfully authenticate. Therefore, not all of these entries will be used for every flow. If you are unsure of your requirements, contact your system administrator.

Note: Entries that correspond to connection options that specify confidential information, such as Client ID (ClientID) and Client Secret (ClientSecret), are not supported in the Model file. Values for these options should be passed in a connection string or by the application.

"#authenticationMethod":"OAuth2"
"#authUri":"<auth_uri>"
"#enableLoginPrompt":true | false
"#logoffUri":"<log_off_uri>"
"#redirectUri":"<token_uri>"
"#scope":"<scope>"
"#tokenUri":"<token_uri>"

Table 1. Supported Auth2.0 entries
Entry	Description
`#authenticationMethod`	Determines which authentication method the driver uses during the course of a session. Set this value to `OAuth2`.
`#authUri`	Specifies the endpoint for obtaining an authorization code from a third-party authorization service
`#enableLoginPrompt`	Specifies whether the driver fetches access and refresh tokens at connection when logon credentials are provided via the login prompt for your service. Set this option to `true` if you are using dynamic authorization code grant flow.
`#logoffUri`	Specifies the endpoint the driver calls to notify the service to log the client out of the session, including performing any clean-up tasks or expiring the token.
`#redirectUri`	Specifies the endpoint to which the client is returned after authenticating with a third-party service.
`#scope`	Specifies a space-separated list of OAuth scopes that limit the permissions granted by an access token.
`#tokenUri`	Specifies the endpoint used to exchange authentication credentials for access tokens. For example, `https://example.com/oauth2/authorize/`.

Examples

The following examples demonstrate potential entries for common authentication flows.

Authorization code grant:

"#authenticationMethod":"OAuth2"
"#redirectUri":"http://localhost"
"#tokenUri":"https://example.com/oauth2/token"

Client credentials, Password, and Refresh token grants:

"#authenticationMethod":"OAuth2"
"#tokenUri":"https://example.com/oauth2/token"