OAuth tab

On the Add target system dialog box, use the OAuth tab to add a target system for robot access to OAuth credentials.

OAuth is recommended for use with Robots. OAuth feature availability is limited with Basic Engine Robots.

Before you add a target system for robot access to OAuth credentials:

• Create an application for the service provider. See Service providers.

• From the summary page of the application presented by the service provider, obtain the client access credentials.

• If using Microsoft credentials, generate and save with a .pem extension both the Consumer certificate and the Consumer private key.

To add a target system with OAuth enabled:

1. Complete the entries in the Basic tab.

2. Select the OAuth tab.

3. Select the Enable OAuth box.

4. Select a Service provider from the list.

   • All supported service providers appear in the list.

   • To register an out-of-band application, see Register out-of-band applications.

5. If you select Microsoft Azure 2.0:

   1. Verify that the application is properly configured with the credentials.

      Credentials from Microsoft are required to complete the target system configuration. Refer to the Microsoft documentation.

   2. Select a Token grant flow from the list.

   3. Based on the Token grant flow, do one of the following:

      Depending on the flow you select, the boxes on the dialog box change to require data corresponding to the flow.

      • If you select either Authorization code or Client credentials, skip to the step for entering the Consumer key.

      • If you select Client credentials with certificate:

        • In the Consumer key box, paste the Microsoft application ID.

        • In the Consumer certificate box, click the Browse file paper clip icon to upload the certificate.

        • In the Consumer private key box, click the Browse file (the paper clip icon) to upload the key.

        • (Optional) In the Consumer private key password box, paste or type the password.

          This value is optional, depending on whether the Consumer private key is secured by a password phrase.

        • Skip to the step for entering the Scope.

6. Paste the Consumer key into this box.

7. Paste the Consumer secret into this box.

   To add a new secret, add it on the application summary page that you created previously on the service provider's website.

8. Specify the Callback URL.

   Example:

   http://127.0.0.1:50080/OAuthCallback

   For Client credentials, the Callback URL box is not present.

9. For Scope, if the service provider requires it, specify the scope value in the box.

   Scope defines what parts of the API an application is authorized to access. Service providers list the scope values on their web sites.

   For example, when accessing Google, the scope https://www.google.com/analytics/feeds/ must be specified if the application is allowed to access the Google Analytics Data API.

   Example scopes are default, read.email, write.email, and default offline_access.

   Only one scope per target system is allowed. If other scopes are needed, use the same service provider credentials to create additional target systems, each with a different scope allowed by the service provider.

10. To combine Secrets with OAuth for this target system, skip to the Secrets tab.

11. When you're ready to create the target system, click OK.