Re: Rest and OAuth
Pijus Juodis
5-20-20
Hello,

I could not find the documentation for OAuth authorisation, but it works as follows:

1. You need to set up Developer Credentials in the MyStandard portal for your StandardID

2. In the Allowed Redirects, specify the URL that StandardID will redirect to after the user logs in with StandardID and Password


3. From the custom solution, whenever something triggers the Authorisation, it needs to:
- Redirect to https://standard-id.hansaworld.com/oauth-authorize with the following GET parameters:
  - client_id = Client ID from Developer Credentials in MyStandard
  - redirect_uri = Your app URL that will handle the callback from StandardID server after logging in
  - access_type = must be "offline"
  - response_type = must be "code"

4. After redirecting the user to the URL generated in step 3, the user will have to log in using his StandardID and Password

5. If the login is successful, StandardID will redirect the user to your redirect_uri with GET parameter:
- code = Authorisation Code

6. Next, your redirect_uri should handle the exchange of Authorisation Code to OAuth Token:
- It will have to make a call to https://standard-id.hansaworld.com/oauth-token with the following POST parameters:
  - client_id = Client ID from Developer Credentials in MyStandard
  - client_secret = Client Secret from Developer Credentials in MyStandard
  - redirect_uri = Your app URL that will handle the callback from StandardID that will contain the token
  - code = Authorisation Code you got in step 5
  - grant_type = must be "authorization_code"

7. If the request is successful, StandardID will redirect the user to your redirect_uri with the JSON response that looks as follows:
{
  "access_token": [access token],
  "token_type": "bearer",
  "expires_in": 3600,
  "refresh_token": [refresh token]
}

8. If the request is not successful, StandardID will redirect the user to your redirect_uri with GET parameter:
- error = server_error
(I am not sure how many different errors we have)

9. Each next API request must have the access token specified in the header of the request:
Authorization: Bearer [access_token]


If you would like to test it yourself, you can use Google's Developers Playground as one of the tools. To configure:
1. Configure Developer Credentials for your Standard ID in MyStandard. Allowed Redirects should be:
- https://developers.google.com/oauthplayground

2. Go to: https://developers.google.com/oauthplayground/

3. Configure the settings as follows:
- OAuth flow = Server-side
- OAuth endpoints = Custom
- Authorization endpoint = https://standard-id.hansaworld.com/oauth-authorize
- Token endpoint = https://standard-id.hansaworld.com/oauth-token
- Access Token Location = Authorization Header w/ Bearer prefix
- OAuth Client ID = Client ID from Developer Credentials in MyStandard
- OAuth Client Secret = Client Secret from Developer Credentials in MyStandard

4. After configuring this, enter anything in the Step 1 Select & Authorize APIs >> Input your own scopes and press Authorize APIs

5. You should be redirected to the Standard ID login page, so perform the login

6. You will be brought back to Step 2, with the Authorization Code filled in. Press Exchange authorization code for tokens

7. Then you will be brought to Step 3, from which you can make API GET, POST, PATCH requests with OAuth to Standard ERP