Learn how to authenticate applications using password authentication.
Some client applications use Password Grant authentication, even though this authentication type is deprecated in the OAuth 2.1 specification. Use the following example to allow password authentication.
This example requires the following procedures and possibly two different roles to perform them in this order:
ProcessMaker Platform administrator: Configure password authentication for the client application.
Application developer:
Follow these steps to configure password authentication for the client application:
View authenticated clients. The Auth Clients page displays.
Click the +Auth Client button. The Create Auth-Client screen displays.
In the Name setting, enter a name for this client authentication. This example uses Client Authentication for Client Application.
Select the Enable Password Grant setting.
Click Save. A new authenticated client is created.
Locate the authenticated client in the Auth Clients page, and then click the Copy Client Secret to Clipboard icon.
Follow these steps to prepare the first API call:
Prepare the body of your first request in JSON format. Replace the values in brackets below with the actual values from your environment.
Send the prepared JSON body as a POST request to the endpoint /oauth/token in your ProcessMaker Platform instance. Below is an example using the test environment from the image above. Most notable is the client_id value, which is the value in the Client ID column of the Auth Clients page, and its client secret value.
Send the first request. Your ProcessMaker Platform instance responds in JSON format. This response contains the bearer token to use in future API calls. Below is an example of the bearer token.
Below is an example of using the bearer token to make a request that lists all users.
Note that the response containing your bearer token also contains a time of expiration and a refresh token. The expiration time is the number of seconds until the bearer token expires. After that time, request a new bearer token using the refresh token. Below is an example API call that obtains a new bearer token using the refresh token.
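The token flow described on this page (password grant request to /oauth/token, bearer header, renewal with the refresh token), as an added example that is not ProcessMaker's own code. It assumes the standard OAuth 2.0 (RFC 6749) field names for the request and response; the class name, the 30-second renewal margin and the injectable `transport` and `clock` parameters are hypothetical choices made for this example.

```python
import json
import time
import urllib.request


def post_json(url, payload):
    """Default transport: POST a JSON body and decode the JSON response."""
    req = urllib.request.Request(
        url, data=json.dumps(payload).encode(), method="POST",
        headers={"Content-Type": "application/json", "Accept": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class PasswordGrantSession:
    """Holds a bearer token and renews it with the refresh token near expiry."""

    def __init__(self, base_url, client_id, client_secret,
                 transport=post_json, clock=time.time, skew=30):
        if not base_url.startswith("https://"):
            raise ValueError("credentials must only be sent over HTTPS")
        self.token_url = base_url.rstrip("/") + "/oauth/token"
        self.client = {"client_id": client_id, "client_secret": client_secret}
        self.transport, self.clock, self.skew = transport, clock, skew
        self.access = self.refresh = None
        self.expires_at = 0.0

    def _store(self, body):
        # expires_in is a lifetime in seconds, so convert it to an absolute time.
        self.access = body["access_token"]
        self.refresh = body.get("refresh_token", self.refresh)
        self.expires_at = self.clock() + int(body["expires_in"])

    def login(self, username, password):
        """First request: exchange the user's credentials for a bearer token."""
        self._store(self.transport(self.token_url, {
            "grant_type": "password", "username": username,
            "password": password, **self.client}))

    def auth_header(self):
        """Return the Authorization header, refreshing first if close to expiry."""
        if self.access is None:
            raise RuntimeError("call login() first")
        if self.clock() >= self.expires_at - self.skew:
            self._store(self.transport(self.token_url, {
                "grant_type": "refresh_token",
                "refresh_token": self.refresh, **self.client}))
        return {"Authorization": "Bearer " + self.access}
```

Load the client secret and user password from the environment or a secret store instead of source code, and keep tokens out of logs.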