Skip to main content
Version: 4.13.3

SetOAuth2Token component

The SetOAuth2Token component is used to handle the process of retrieving and refreshing Access and Refresh tokens as specified in the OAuth2 protocol. Access tokens are used to authorize calls to endpoints / applications, i.e. email or a cloud platform. An access token is sent along as part of requests to these applications, often as an 'Authorization' header.

Important! To trigger the process of continuously refreshing tokens in order to have a valid access token available at all times this component needs to be combined with a Scheduler component. Read more about how to setup Scheduling SetOAuth2Token component below.

Configuration

This component has the following configuration options:

Authorization URL

Description

The URL used for first contact with and authorization on the authorization server.

Remarks

  • The Authorization URL is specified in the (API) documentation of the application you require access to.

Token URL

Description

The URL used for getting and refreshing the access token from the authorization server.

Remarks

  • The Token URL is specified in the (API) documentation of the application you require access to.

Client Id

Description

Public key called 'Client Id' used to identify the application you want to connect to.

Remarks

  • The Client Id is created in the application you require access to.

Client Secret

Description

Secret key called 'Client Secret' used to authenticate on the authorization server.

Remarks

  • The Client Secret is created in the application you require access to.

Scope

Description

Specify the permissions that are granted to an access token.

Remarks

  • The Scope settings are specified in the (API) documentation of the application you require access to.

Refresh Token Delay

Description

Defines how many seconds before the expiration time an access token is allowed to be refreshed, default is 25 seconds.

Header name - Global variable

Description

The name of the header and global variable for setting / storing the access token.

Redirect URL and Authorize

Description

On the bottom of the settings you see the redirect URL for the test and production environment. Paste the applicable redirect URL into the settings of the application you require access to (you can use the copy button).

Click the Authorize button after you've completely set up the component and settings in the application you require access to. A popup appears prompting you to fill in the user credentials and optionally consent to the required permissions.

When the OAuth2 token received with success! message appears you've succesfully retrieved the first set of access and refresh tokens.

Scheduling SetOAuth2Token component

The SetOAuth2Token component has to be combined with a Scheduler component in order to periodically check if the access token can be refreshed. The refresh window is the time between (expire_date minus Refresh Token Delay) and the expire_date.

For example, if your access token is valid for 60 minutes and the Refresh Token Delay is set to 1 minute:

  • The refresh window is between 59 and 60 minutes.
    (Technically you can refresh after the expire_date, but you won't have a valid access token from 60+ minutes onwards until the access token is refreshed.)
  • Your Scheduler has to trigger within this refresh window and therefore its Repeat Interval has to be lower than the Refresh Token Delay time.
  • Set Scheduler Repeat Count to -1 so it repeats indefinitely.

OAuth2 Global variables

After succesfully setting up the component the following Global variables will be set:

Global variable nameDescription
oauth2_<component_guid>_access_tokenThe access token
oauth2_<component_guid>_client_idThe Client Id
oauth2_<component_guid>_client_secretThe Client Secret
oauth2_<component_guid>_expire_dateThe unix timestamp of the expiration date & time
oauth2_<component_guid>_redirect_uriThe Redirect URL
oauth2_<component_guid>_refresh_flagFlag for refreshing status:
1 => token is being refreshed
(other processes will not be allowed to refresh this token simultaneously)
0 => token is not being refreshed
(a process is allowed to start refreshing the token)
oauth2_<component_guid>_refresh_tokenThe refresh token
oauth2_<component_guid>_scopeThe Scope
oauth2_<component_guid>_uri_authorizeThe Authorization URL
oauth2_<component_guid>_uri_tokenThe Token URL

Important! Editing any of these Global variables can break the process of refreshing of tokens.

Remarks

  • This component uses The OAuth 2.0 Autorization Framework.
  • How long access & refresh tokens are valid, Client Id, Client Secret, Token URL, Authorization URL and Scope are defined by the application you require access to. Please refer to your application (API) documentation.