Hi,
Trying to run a graphQL api with oauth2, but having some issues using the oauth2 as I never used it before.
Having issues in getting the access token, since it requires a redirect URL which the guides do not have, I tried using /oauth2-redirect.html as a standard redirect and then adding in the headers the Authorization for Bearer token but I always get a request that header does not have Bearer token, which is what I trying to get in order to authorize the oauth2. Any ideas how to set this up? Thank you.
It looks like zalando uses some flavor of client_credentials OAuth grant that’s not supported by Easymorph directly. But you can obtain access token by first making a POST request to zalando auth endpoint (via Web request action) and then extracting access_token from the response and using it in the remaining flow with something like
Thank you very much @olysak, your feedback lead me to the right path, there were still a couple of steps in the way, had to convert credentials to base64 and transform the graphql response body to a json format, other than that, perfect results. My great appreciation for leading me to the right path. Thanks.
An alternative workflow could be to have a separate connector for authentication only. Point it to https://api-sandbox.merchants.zalando.com/auth/token. In the connector, use the Basic authentication, and specify the $CLIENT_ID and the $CLIENT_SECRET as follows:
A POST request made using the connector should return the bearer token.
If you use a separate connector for authentication you don’t have to do the base64 encoding of the $CLIENT_ID and the $CLIENT_SECRET. The HTTP Basic authentication will do it for you.
Once you receive the bearer token, you can include it in requests as suggested by @olysak above.
The authentication connector is only used once, to receive the bearer token. The following requests should be done with another Web Location connector that has no authentication configured.