When a user initiates an integration with Orange Logic from a third-party application, that application communicates with Orange Logic. Orange Logic first prompts the user to log in and, after a successful user authentication, executes the authorization call.
When you’re first setting up the system to allow users to authorize third-party application API calls, you’ll send the authorization call and authorize the third-party application.
-
In your browser search bar, enter the following authorization call, adding the client ID and redirect URI from the application account. Enter any value in the
stateparameter.https://{OrangeLogicURL}/oauth2/auth?&client_id={clientID}&response_type=code&redirect_uri={uri}&state={anyvalue}
Notes
- The authorization call is case sensitive. Use lower case for all parameters.
- The
stateparameter allows you to validate the response to your call by verifying the value you entered. This security feature is designed to prevent attacks and to store additional detail about an application. For more information about OAuth 2.0 state parameters, refer to AuthO’s documentation.
-
Click Authorize in the third-party authorization window.
Authorization window for third-party application account
You will be redirected to the URI that you entered in the application account. The URL in the browser address bar will look like this:
https://redirect_uri.com?code=[AUTHORIZATION_CODE]&state=[yourvalue]
-
Copy the authorization code from the URL. You’ll need this information to run the OAuth2 token call.