Re: Rest and OAuth
Pijus Juodis
5-20-20
Hello,

I could not find the documentation for OAuth authorisation, but it works as follows:

1. You need to set up Developer Credentials in the MyStandard portal for your StandardID

2. In the Allowed Redirects, specify the URL that StandardID will redirect to after the user logs in with StandardID and Password

3. From the custom solution, whenever something triggers the Authorisation, it needs to:
- Redirect to https://standard-id.hansaworld.com/oauth-authorize with the following GET parameters:
  - client_id = Client ID from Developer Credentials in MyStandard
  - redirect_uri = Your app URL that will handle the callback from StandardID server after logging in
  - access_type = must be "offline"
  - response_type = must be "code"

4. After redirecting the user to the URL generated in step 3, the user will have to log in using his StandardID and Password

5. If the login is successful, StandardID will redirect the user to your redirect_uri with GET parameter:
- code = Authorisation Code

6. Next, your redirect_uri should handle the exchange of Authorisation Code to OAuth Token:
- It will have to make a call to https://standard-id.hansaworld.com/oauth-token with the following POST parameters:
  - client_id = Client ID from Developer Credentials in MyStandard
  - client_secret = Client Secret from Developer Credentials in MyStandard
  - redirect_uri = Your app URL that will handle the callback from StandardID that will contain the token
  - code = Authorisation Code you got in step 5
  - grant_type = must be "authorization_code"

7. If the request is successful, StandardID will redirect the user to your redirect_uri with the JSON response that looks as follows:
{
  "access_token": [access token],
  "token_type": "bearer",
  "expires_in": 3600,
  "refresh_token": [refresh token]
}

8. If the request is not successful, StandardID will redirect the user to your redirect_uri with GET parameter:
- error = server_error
(I am not sure how many different errors we have)

9. Each next API request must have the access token specified in the header of the request:
Authorization: Bearer [access_token]


If you would like to test it yourself, you can use Google's Developers Playground as one of the tools. To configure:
1. Configure Developer Credentials for your Standard ID in MyStandard. Allowed Redirects should be:
- https://developers.google.com/oauthplayground

2. Go to: https://developers.google.com/oauthplayground/

3. Configure the settings as follows:
- OAuth flow = Server-side
- OAuth endpoints = Custom
- Authorization endpoint = https://standard-id.hansaworld.com/oauth-authorize
- Token endpoint = https://standard-id.hansaworld.com/oauth-token
- Access Token Location = Authorization Header w/ Bearer prefix
- OAuth Client ID = Client ID from Developer Credentials in MyStandard
- OAuth Client Secret = Client Secret from Developer Credentials in MyStandard

4. After configuring this, enter anything in the Step 1 Select & Authorize APIs >> Input your own scopes and press Authorize APIs

5. You should be redirected to the Standard ID login page, so perform the login

6. You will be brought back to Step 2, with the Authorization Code filled in. Press Exchange authorization code for tokens

7. Then you will be brought to Step 3, from which you can make API GET, POST, PATCH requests with OAuth to Standard ERP
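
Steps 3 to 9 of the post above as code: an added example, not part of the original post and not HansaWorld's own code. The endpoints and parameter names are the ones listed in the post; the form-encoded POST body and the expiry check are assumptions, and actually sending the request (for example with urllib.request.urlopen) is left to the caller so the block runs offline.

```python
import json
import time
from urllib.parse import urlencode, urlparse, parse_qs
from urllib.request import Request

AUTHORIZE_URL = "https://standard-id.hansaworld.com/oauth-authorize"
TOKEN_URL = "https://standard-id.hansaworld.com/oauth-token"

def authorize_url(client_id, redirect_uri):
    """Step 3: URL the user's browser is sent to."""
    return AUTHORIZE_URL + "?" + urlencode({
        "client_id": client_id, "redirect_uri": redirect_uri,
        "access_type": "offline", "response_type": "code"})

def parse_callback(callback_url):
    """Steps 5 and 8: return the authorisation code, or raise on ?error=."""
    query = parse_qs(urlparse(callback_url).query)
    if "error" in query:
        raise RuntimeError("authorisation failed: " + query["error"][0])
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one 'code' parameter")
    return codes[0]

def token_request(client_id, client_secret, redirect_uri, code):
    """Step 6: POST for the token endpoint. Build and send it server-side
    only, so client_secret never reaches the browser.
    Assumption: parameters are form-encoded, as is usual for OAuth 2.0."""
    body = urlencode({
        "client_id": client_id, "client_secret": client_secret,
        "redirect_uri": redirect_uri, "code": code,
        "grant_type": "authorization_code"}).encode()
    return Request(TOKEN_URL, data=body, method="POST")

def parse_token_response(body, now=None):
    """Step 7: validate the JSON and turn expires_in into an absolute time."""
    tok = json.loads(body)
    if str(tok.get("token_type", "")).lower() != "bearer" or not tok.get("access_token"):
        raise ValueError("unexpected token response")
    now = time.time() if now is None else now
    return {"access_token": tok["access_token"],
            "refresh_token": tok.get("refresh_token"),
            "expires_at": now + int(tok["expires_in"])}

def auth_header(token, now=None):
    """Step 9: header for API requests; refuses a token past its lifetime."""
    now = time.time() if now is None else now
    if now >= token["expires_at"]:
        raise RuntimeError("access token expired")
    return {"Authorization": "Bearer " + token["access_token"]}
```

Keep the client secret and refresh token in server-side storage only, and check that the redirect_uri sent in step 6 matches the one registered under Allowed Redirects.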