Getting Started

From Enterprise Help
Revision as of 20:55, 12 May 2015 by Sghosh

A Client can access a User’s Account with the Resource Server using a Client ID, Client Secret, Access Token, and Refresh Token. The following steps show you how to create an API User, generate the Client ID, Client Secret, and Authorization Token, and then use that information to retrieve an Access Token and Refresh Token.

Role Definitions

  • The Resource Owner or “User” is the Fishbowl customer who is giving access to their account.
  • The Client is the application that is attempting to get access to the User Account.
  • The Resource Server is the Fishbowl API Server used to access the User Account.

Creating an API User

  1. To create an API User, you will first need to log into Enterprise as a Site Administrator, then navigate to the Administrators page found under Settings.
  2. Then click Add New Administrator at the top of the page.
  3. Fill out the Username, Password, and Email Address fields with the desired credentials. Then check the box located under API User and click Save.

     Note: If you are the Site Administrator for multiple Enterprise Sites, you will need to use the Add Site dropdown to select the site(s) the user will need access to, and then check the API User box for each.


Generating the Client ID & Client Secret

  • The Client ID is considered public information, and is used to build login URLs.
  • The Client Secret
  1. To generate the Client ID & Client Secret, you will first need to log into Enterprise as a Site Administrator, then navigate to the Administrators page found under Settings.
  2. On the Administrators page, find the user you intend to generate the Client ID & Client Secret for, and click the Padlock icon next to their user name to access Security Settings.
  3. Now click the Register New Application button to generate the Client ID & Client Secret.
  4. You now have the Client ID & Client Secret needed to retrieve your Authorization Token.


Retrieving Authorization Token

The next step is to get an Authorization Token from the Fishbowl Authorization Service using the API User credentials we created in the first step, the Client ID, and a Redirect URI.

The Fishbowl Authorization Service will only redirect users to a registered URI provided by the Client. Only one URI can be registered per Client ID. Redirect URIs must be protected with TLS, so the service will only redirect to URIs beginning with "https". This prevents tokens from being intercepted during the authorization process.

The Client can create an Authorization Link sending the User to:

https://services.fishbowl.com/api/oauth2/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI
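
The following Python is an added example, not code from Fishbowl or from the original page. It builds the Authorization Link with the redirect URI percent-encoded, applies the https-only and single-registered-URI rules on the Client side before sending the User, and reads the returned value from the callback. The function names and sample values are constructed, and the callback carrying a `code` (or `error`) query parameter is assumed from RFC 6749, since the page does not show the redirect.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

AUTHORIZE_ENDPOINT = "https://services.fishbowl.com/api/oauth2/authorize"  # from the page


def check_redirect_uri(redirect_uri, registered_uri):
    """Client-side mirror of the service's rules: https only, one registered URI."""
    parts = urlsplit(redirect_uri)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("redirect URI must be an absolute https URI")
    if parts.fragment:
        raise ValueError("redirect URI must not contain a fragment (RFC 6749)")
    if redirect_uri != registered_uri:
        raise ValueError("redirect URI differs from the one registered for this Client ID")
    return redirect_uri


def build_authorization_link(client_id, redirect_uri, registered_uri):
    """Return the link the User is sent to, with every parameter percent-encoded."""
    check_redirect_uri(redirect_uri, registered_uri)
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def extract_code(callback_url, registered_uri):
    """Read the returned code; assumes RFC 6749 `code` / `error` query parameters."""
    cb, reg = urlsplit(callback_url), urlsplit(registered_uri)
    if (cb.scheme, cb.netloc, cb.path) != (reg.scheme, reg.netloc, reg.path):
        raise ValueError("callback did not arrive on the registered redirect URI")
    params = parse_qs(cb.query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    codes = params.get("code", [])
    if len(codes) != 1 or not codes[0]:
        raise ValueError("expected exactly one non-empty code parameter")
    return codes[0]


# Constructed sample values, not real credentials.
REGISTERED = "https://client.example.com/oauth/callback"
LINK = build_authorization_link("EXAMPLE_CLIENT_ID", REGISTERED, REGISTERED)
```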