06-03-2016 11:14 AM - edited 08-03-2021 01:11 PM
This guideis part of the "Guide to Creating Your Own Connector" series.
If the API that you are working with requires you to sign or authenticate your requests, it may utilize an implementation of OAuth 2.0 or another authentication method to show that you have the access needed to consume the web service. There are some key words that you can look for in the API documentation that you are using that will help you quickly choose the appropriate grant flow to use in Alteryx. Below is a list of many of the authentication methods you may encounter, along with whether they do or do not lend themselves to being used within an Alteryx workflow.
If the authentication method being implemented requires you to first grant authorization in order to receive an access token, that should be one of the very first steps of your process. This would involve you taking in the required set of credentials, and then passing that to the authorization service in order to exchange it for the token that will be used to authenticate your requests. If you are dependent on a response from an authorization service that contains the access token, you will need to parse the value out of the response and pass it to subsequent API calls that require it. If working with something like an API Key, or Basic authentication, you only need to do what is necessary to prepare the key, and then use it in the workflow in the appropriate place, either as a header or as a parameter on the query/payload.
.
Hi Tasha,
Thank you for sharing. Can you please provide an example of how to implement basic authorization with get / put method? I don't fully understand where I should put the user name and password? in the value of Authorization under "Headers" tab?
Thank you in advance.
Terry
Hello Tasha,
your posts are incredibly helpful! thank you.
but i have an issue with authorization.
i set the connection just like you described on "REST API In 5 Minutes-No Coding" but i keep getting the error: 401 Unauthorized
i tried also follow you articuule here but not fully understand where i should type in this encoded password.
from my understanding to get this connection but not only need api key but also credentials to our account in this platform (in my case this is campaignbreeze.com / https://app.campaignbreeze.com/docs/#)
and this credentials must be encoded and typed into Headers tab in download tool? am i right?
but how to do this? i did sth like this but it doesnt work:
i would be very thankful for you help on this!
Hi @AABondel !
I looked at CampaignBreeze documentation, and I would advise following the 1st image in this blog post. The CampaignBreeze API leverages an api-key header, and doesn't use the 'Basic' header.
Your Download Tool configuration would look more like this:
Best,
Tasha
Hi @TashaA , have you come across a good Alteryx macro for Oauth 1.0 authentification?
I tried that one:
https://community.alteryx.com/t5/Alteryx-Designer-Discussions/OAuth-1-0-example-needed/td-p/36156
And that is really impressive work by @jarrod .
Alas it didn't work for the API I need (https://support.tripleseat.com/hc/en-us/articles/205820987-API-Authentication)...
I got the authentification to work with Postman and its OAuth 1.0 module, and the fields generated by the Macro look very similar. Yet, macro doesn't work... When I paste the authentification data generated by Postman in the Download tool, my workflow works, but not with the strings generated by the macro...
I can't tell where the Macro and Postman differ...
@fpinchon Oauth 1.0 is very picky about the values being input since it deals with a hash. so any space/newline/value being used to create the hash will throw it off. when building that oauth macro, i actually first got a call to work in postman, grabbed that authorization hash, then created all of the combinations i could think of (including timestamp set to when i got the call to work) and found the one combination that worked. for me, the largest issue was what url was being used to create the signature. Port numbers threw it off for the gallery api...
For api work, i also find a working call in postman then go to Code -> cURL and compare that text with how i have the download tool setup.
Thanks for the guidance @jarrod. I am stuck at that stage you describe, I get the working cURL script from Postman, and the output from your macro, and they look very very similar, but yes, it seems the signature gets rejected... The documentation for Oauth 1.0 is quite awful, so hard to tell what goes into the signature...
yeah, creating that macro was a lot of guess and check since the documentation is lacking for OAuth1.0. I'd probably set up a few different scenarios and guess and check which versions are going to work.
@fpinchon the only other option i can think of is running oauth1.0 through triple seat's python library then pull that in to run the call through the download tool.
Alteryx Private Gallery API Runner API's @jarrod
I am trying to get data from rest API. I am keep getting 400 error after providing correct AUTH. Please help me out!!!!!!
@Aditia check the download data field it looks like there is an error message there that might help with your situation. Possibly a syntax error in your body. When that happens I typically Google the error code/description and see if that offers any clues.
Thanks @jarrod