Question

Connecting To Authorization Endpoint - OAuth Authorization Flow

  • 17 May 2021
  • 1 reply
  • 35 views

Hi,

I’m trying to test Acumatica’s OAuth Authorization flow using Postman. I need to implement an API that will generally be called from a website (our customer portal) and return some information from our company’s Acumatica via OData.

I followed the steps in the I300 Web Services course: https://openuni.acumatica.com/courses/integration/i300-web-services-basic-data-retrieval/

as well as in the reference documents: https://help-2021r1.acumatica.com/(W(2))/Wiki/ShowWiki.aspx?pageid=2930d2f7-e081-4d0e-8879-93907ce82607

I am able to use the Resource Owner Password Credentials flow successfully, but we need to implement the Authorization flow, using a client_id + client_secret approach.

I already created a Client in the Connected Applications screen, and set the flow to Authorization Code.

Please correct me if I’m wrong: I understand that every time this API will be called, it will need to first request an authorization code from (GET) https://<Acumatica ERP instance URL>/identity/connect/authorize, and then use that code to get a token from (GET) https://<Acumatica ERP instance URL>/identity/connect/token. Then that token can be used to successfully authenticate our main API call to retrieve information from OData.

When I try to test the first part of this process in Postman (retrieving the authorization code) I’m just getting this:

If I try the URL directly in the browser with the same parameters, I get this:

 

Could you please let me know what am I doing wrong?

I’m currently using https://oauth.pstmn.io/v1/callback as the redirect uri value (and I also included it in the client’s Redirect URIs page in the Connected Applications screen in Acumatica). In fact I would also like to know what should I use as the redirect uri if all this will be initially triggered by a javascript function when the website loads, which will trigger an API call to a function in AWS, which will run the authentication/token calls above.

(Any comments or suggestions to help improve this process are more than welcome)

 

Thanks in advance!


1 reply

Please disregard this question. I was able to finally make it work.
For some reason when I disactivated and activated the client in the connected applications screen, it started working properly.

Reply


About Acumatica ERP system
Acumatica Cloud ERP provides the best business management solution for transforming your company to thrive in the new digital economy. Built on a future-proof platform with open architecture for rapid integrations, scalability, and ease of use, Acumatica delivers unparalleled value to small and midmarket organizations. Connected Business. Delivered.
© 2008 — 2020  Acumatica, Inc. All rights reserved