OAuth 1.0

Connection is a link between Make and 3rd party service/app. OAuth 1.0 connection handles the token exchange automatically.

Before you start configuring your OAuth 1.0 connection, you need to create an app on a 3rd-party service. When creating an app, use https://www.integromat.com/oauth/cb/app-oauth1 as a callback URL.

Components

Communication

pageCommunication

  • aws directive is not available

  • Communication is extended with oauth

  • pagination directive is not available

  • response.limit is not available

  • response.iterate directive is not available

  • response.output is not available

  • response is extended with data

oauth

It is sometimes very tedious and hard to generate an OAuth 1.0 Authorization header. So we have provided a helper directive, that will simplify this task. Below are all the properties that you can use to customize the header generation.

Key

Type

Description

consumer_key

IML String

Your consumer key

consumer_secret

IML String

Your consumer secret

private_key

IML String

Instead of consumer_secret you can specify a private_key string in PEM format

token

IML String

An expression that parses the oauth_token string.

token_secret

IML String

An expression that parses the oauth_token_secret string.

verifier

IML String

An expression that parses the oauth_verifier string.

signature_method

String

Specifies the desired method to use when calculating the signature. Can be either HMAC-SHA1, RSA-SHA1, PLAINTEXT. Default is HMAC-SHA1.

transport_method

String

Specifies how OAuth parameters are sent: via query params, header or in a POST body. Can be either query, body or header. Default is header

body_hash

IML String

To use Request Body Hash, you can either manually generate it, or you can set this directive to true and the body hash will be generated automatically

response.data

The data directive saves data to the connection so that it can be later accessed from a module through the connection variable. It functions similarly to the temp directive, except that data is persisted to the connection.

Example:

{
    "response": {
        "data": {
            "accessToken": "{{body.token}}"
        }
    }
}

This accessToken can be later accessed in any module that uses this connection like so:

{
    "url": "http://example.com",
    "qs": {
        "token": "{{connection.accessToken}}"
    }
}

Parameters

pageParameters

Parameters that the user should fill while creating a new connection.

Default Scope

pageScope

Default scope for every new connection.

Scope List

pageScope List

Collection of available scopes.

Common Data

pageConnections

Non-user-specific sensitive values like salts or secrets.

OAuth 1.0 Authentication Process

OAuth 1.0 authentication process consists of multiple steps. You are able to select the steps you need and ignore the steps that you don’t - just fill in the needed sections and delete unneeded ones.

Key

Type

Description

oauth

OAuth 1 Parameters Specification

Allows you to specify special OAuth 1.0 properties to simplify OAuth 1.0 header generation.

requestToken

Request Specification

Describes a request that retrieves the request token

authorize

Request Specification

Describes authorization process.

accessToken

Request Specification

Describes a request that exchanges credentials and the request token for the access token.

info

Request Specification

Describes a request that validates a connection. The most common way to validate the connection is to call a method to get user’s information. Most of the APIs have such a method.

When using an OAuth 1.0 connection there is a special object available globally: the oauth object. You can use it in connection specification as well as in module specification to avoid generating the OAuth 1.0 header yourself. This object is available at the root of the connection specification, in the Base and in Request Specification

If the oauth object is present in the root of the connection specification, it will be merged with each of the directives described above. If you wish to override some properties of the root object, you can do so in the respective directive by specifying the oauth object and overriding the properties.

Available IML Variables

These IML variables are available for you to use everywhere in this module:

  • now - Current date and time

  • environment - TBD

  • temp - Contains custom variables created via temp directive.

  • parameters - Contains connection’s input parameters.

  • common - Contains connection’s common data collection.

  • data - Contains connection's data collection.

  • oauth.scope - Contains an array of scope required to be passed to OAuth 1.0 authorization process.

  • oauth.redirectUri - Contains redirect URL for OAuth 1.0 authorization process.

PreviousJWTNextOAuth 2.0

Last updated