Calling REST OAuth (not App user authentication)

Hi,
I’m trying to connect to a publicly accessible web API that seems to require a standard/typical call at the beginning of the session to get an authentication token so that subsequent calls to the API are on an authenticated basis (passing the token).

I’m trying to the use three standard REST OAuth2 calls (Authorize, Token, Refresh) from inside an appgver function graph, so that I can persist the token to make subsequent (authenticated) API calls from within the app.

Does any have or has anyone seen an example of doing this from within AppGyver?

Is there a way to do this with “Direct third party authentication”?

Thanks!
Dave Gerding

Hi! We have a lot of users that have been using various OAuths. I would recommend searching from the forums about the topic, here’s one to start with: App brought to foreground via URL no longer passing parameters - Our auth broken - #11 by Erin_Wagner

Not sure what you mean by “AppGyver function graph” – if you mean using a JavaScript box, I would recommend trying out the REST API integration or the HTTP Request flow function first.

So I’d say yes, enable the “direct third party authentication” and go from there. If you run into problems or have more specific questions, ask here or in a relevant thread posted previously :slight_smile:

Hi Mevi,
Thanks for the reply :slight_smile: I’ll try and implement third-party OAuth (bungie.net) app integration. What if I need to “app authenticate” the user for the main app, but wanted to use a second REST API that also requires authentication?

Is there an example anywhere of authenticating “in code” or behind the scenes, bascially so that I might call more than one REST API when they both want authentication?

I’m also going to post a couple of other questions under different thread…

ALSO: Can you email so I can ask about how I can ask questions about “Black”?

Thanks,
Dave G

Hmm, the thing with a “second authentication” is that while it can be done, it can quite quickly become a security vulnerability unless you do it right (in the backend instead of on the device, or using the first login in the second one). Please see this primer about security for things you need to take into account.

For AppGyver Black, that is under SAP BTP now, so if you want a subscription please contact SAP. You can start from here: Digital Commerce Platform

If you have more generic questions about what the subscription contains etc, you can ask them here :slight_smile:

Hi Mevi,
again, another follow-up question.

Is there an example (screen shots?) anywhere doing a “standard” OAuth2 authentication? Any example other than the discussion thread by Erin Wagner?

If I sign up for the $10 a month BTP Appgyver service I found in the SAP Discovery Center, what features, if any would be different? Is there any free trial period for that service? That would let my students and I be in the same dev context.

Thanks!
Dave G

Unfortunately I don’t think I have an example for OAuth2 other than the ones on the forums :thinking:

Currently the features only available on BTP AppGyver are translation variables and release management. There will be more in the future. There’s no free trial that I know of I’m afraid.