A common example of system integration is to call the REST API of another service by sending an HTTP request from Questetra BPM Suite.
In such cases, an HTTP request is sent by using either of the following
on the Questetra side.
In many cases OAuth2 is used for authentication.
Although there are several types of OAuth2, if you use Authorization code as its grant-type Questetra can support it just by the configuration of some settings.
In this article I will describe how to set up OAuth2.
1: Overview of the procedure
The overview of the settings procedure is as follows.
- Preparation on the side of partner service to be invoked
Setting up using Questetra’s Callback URL, obtaining a Client ID and Secret
- Settings on the invoking side (Questetra)
Setting up using the endpoint URL of the partner service and Client ID and Secret that have been obtained, obtaining a token
- Settings in Questetra for invoking API
Setting up using the OAuth token that has been obtained
2: Preparation on the side of partner service to be invoked
On the side of the partner service to be invoked, the client’s registration in advance is required (sometimes referred to as App registration).
In this case, Questetra’s “callback URL” is required (sometimes referred to as the “redirect URI”).
- In a paid environment
- In a free environment (Starter Plan)
When you complete the registration, as the Client ID and Client Secret are displayed, make a note of them (they may be called Consumer Key or APP ID / Client Secret Code or Consumer Secret, etc.).
3: Settings on the invoking side (Questetra)
First, open the OAuth settings screen by one of the following ways. (The same screen will be displayed regardless.)
- Select OAuth 2.0 Setting in the ▼ App drop-down menu on the App detail screen
- In the Header tab on the properties screen of the Throwing Message Intermediate Event (HTTP) select OAuth2 in the Authorization Header field, and click the OAuth2 Setting button that appears
Click on the [Add] button to open the details settings screen. (You can confirm the Callback URL in this screen.)
Enter each item and click on [Save].
|Config Name||Can be any name you want. To be used for designation later.|
|Authorization Endpoint URL, Token Endpoint URL||Enter by referring to the manuals of the partner service|
|Scope||It depends on the partner service and the calling API. There are cases where it is not specified. Separate with a space in case of multiple names.|
|Client ID, Consumer Secret||Enter the aforementioned notes you made when registering to the partner service.|
Once you have saved the settings click on the “Get token” button and if you can successfully acquire the token then it has worked. If you are successful you will see the following display.
If you get an error here please check if there are any incomplete settings. If the settings are all correct there is a possibility of Questetra not being capable of supporting it, so please contact us. (Error details may not be displayed in the current specification.)
4: Settings in Questetra for invoking API
The OAuth token obtained above is used by specifying the following.
- Throwing Message Intermediate Event (HTTP)
In the Header tab select the Authorizaton Header OAuth2.
- Script Task
You can use the following. (While checking the manual you should refer to the source code of the published Service Task definition (Add-on XML).)
var token = httpClient.getOAuth2Token( XXX_OAuth Config Name_XXX ) httpClient.begin().bearer(token)
- Service Task definition (Add-on XML)
Specify in OAuth2 Setting Name, etc. (The config item name is just an example as it depends on the specification of the Service Task definition (Add-on XML).)
Do you now understand how to set up OAuth2?
Although there are some difficult parts, they are necessary to connect with various services. I hope you can learn it by any means.
If you have any questions, please feel free to contact us through the inquiry form.