Difference between revisions of "Getting Started"

From Enterprise Help
Jump to: navigation, search
Line 15: Line 15:
 
[[File:Apiuser.png|border|center|Apiuser.png]]
 
[[File:Apiuser.png|border|center|Apiuser.png]]
  
''Note: If you are the&nbsp;'''''<i>Site Administrator</i>'''''for multiple Enterprise Sites you will need to use the&nbsp;'''Add Site Dropdown&nbsp;'''to select the site(s)&nbsp;the user will to access need access to and then check the API User box for each.<br/><br/>''
+
''&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Note: If you are the&nbsp;'''''<i>Site Administrator</i>'''''for multiple Enterprise Sites you will need to use the&nbsp;'''Add Site Dropdown&nbsp;'''to select the site(s)&nbsp;the user will to access need access to and then check the API User box for each.''<br/>
  
----
+
 
 +
 
 +
== '''Generating the Client ID & Client Secret'''<br/> ==
 +
 
 +
*The '''Client ID''' is considered public information, and is used to build login URLs.
 +
*The '''Client Secret
 +
 
 +
#To generate the&nbsp;'''Client ID&nbsp;'''&&nbsp;'''Client Secret'''&nbsp;you will first need to log into Enterprise as a '''Site Administrator'''&nbsp;then navigate to the&nbsp;'''Administrators&nbsp;'''page found under&nbsp;'''Settings'''.<br/><br/>[[File:Addadmin.png|border|center]]
 +
#On the&nbsp;'''Administrators&nbsp;'''page find the user you intend to generate the Client ID & Client Secret for, and click the&nbsp;'''Paddlock Icon'''&nbsp;next to their user name&nbsp;to access&nbsp;'''Security Settings'''.<br/><br/>[[File:PaddlockScreen.png|border|center]]
 +
#Now click the Register New Application button to generate the Client ID & Client Secret.<br/><br/>[[File:RegisterNewApp.png|border|center]]
 +
#You now have the '''Client ID '''& '''Client Secret''' needed to retrieve your '''Authorization Token'''.<br/><br/>[[File:ClientSecret.png|border|center]]
 +
 
 +
 
 +
 
 +
== '''Retrieving Authorization Token'''<br/> ==
 +
 
 +
The next step is to get an'''Authorization Token''' from the '''Fishbowl Authorization Service''' using the '''API User''' credentials we created in the first step, the '''Client ID''', and a '''Redirect URI.'''
 +
 
 +
The '''Fishbowl Authorization Service''' will only redirect users to a registered URI provided by the '''Client'''. Only 1 URI can be registered per client ID. Any HTTP redirect URIs must be protected with TLS security, so the service will only redirect to URIs beginning with "https". This prevents tokens from being intercepted during the authorization process.
 +
 
 +
The '''Client '''can create an '''Authorization Link''' sending the '''User '''to:
 +
 
 +
<pre>
 +
https://services.fishbowl.com/api/oauth2/authorize? response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI
 +
</pre>

Revision as of 20:55, 12 May 2015

A Client can access a User’s Account with the Resource Server using a Client ID, Client Secret, Access Token, and Refresh Token. The following steps will show you how to create an API User, generate the Client IDClient Secret, andAuthorization Token; and then, use that information to retrieve an Access Token and Refresh Token.

Role Definitions

  • The Resource Owner or “User” is the Fishbowl customer who is giving access to their account.
  • The Client is the application that is attempting to get access to the User Account.
  • The Resource Server is the Fishbowl API Server used to access the User Account.

Creating an API User

  1. To create an API User you will first need to log into Enterprise as a Site Administrator; then navigate to the Administrators page found under Settings.

    AdminLink.png
  2. Then click Add New Administrator at the top of the page.

    Addadmin.png
  3. Fill out the UsernamePassword, and Email Address fields with the desired credentials. Then check the box located under API User and click Save.
Apiuser.png

             Note: If you are the Site Administratorfor multiple Enterprise Sites you will need to use the Add Site Dropdown to select the site(s) the user will to access need access to and then check the API User box for each.


Generating the Client ID & Client Secret

  • The Client ID is considered public information, and is used to build login URLs.
  • The Client Secret
  1. To generate the Client ID Client Secret you will first need to log into Enterprise as a Site Administrator then navigate to the Administrators page found under Settings.

    Addadmin.png
  2. On the Administrators page find the user you intend to generate the Client ID & Client Secret for, and click the Paddlock Icon next to their user name to access Security Settings.

    PaddlockScreen.png
  3. Now click the Register New Application button to generate the Client ID & Client Secret.

    RegisterNewApp.png
  4. You now have the Client ID & Client Secret needed to retrieve your Authorization Token.

    ClientSecret.png


Retrieving Authorization Token

The next step is to get anAuthorization Token from the Fishbowl Authorization Service using the API User credentials we created in the first step, the Client ID, and a Redirect URI.

The Fishbowl Authorization Service will only redirect users to a registered URI provided by the Client. Only 1 URI can be registered per client ID. Any HTTP redirect URIs must be protected with TLS security, so the service will only redirect to URIs beginning with "https". This prevents tokens from being intercepted during the authorization process.

The Client can create an Authorization Link sending the User to:

https://services.fishbowl.com/api/oauth2/authorize? response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI