Custom Apps support multiple authentication methods. To setup the Authorization for the Custom App, navigate to Authorization in the App and choose the desired method.
The methods of Authorization are:
If the Custom App requires API Key based authentication, select Key Based. It requires users to set up an API for generating access tokens.
Follow the steps below to setup your custom app:
1
Select Key Auth type
Select either of Basic Auth, Bearer Token or API Key as the auth mechanism.
2
Configure User Input Fields
Add the input fields that will be visible to your users asking for the required API credentials and click on Save.
3
Map Auth fields
Once you have added the required user input fields, map those fields now to setup auth data.
4
Add Base URL
Provide the Base URL of the API endpoints for the custom app and the key code for Invalid API Credentials.
5
Setup Identifier and Validation
Optionally, you can also provide an endpoint which will be called to perform validation of the provided credentials.
Its recommended to provide a GET API endpoint to perform validation, so as to avoid modifying any data using the credentials.
Congratulations!
You have successfully setup a Key based Custom Application in Cobalt.
If you want to provide OAuth 2.0 type authorization, select OAuth 2.0 in the methods.
Follow the steps below to configure OAuth mechanism for your custom app:
1
Provide OAuth Credentials
Add the Client ID, Client Secret and the Scopes of the developer OAuth 2.0 app that you have created.
Ensure that you add the provided Callback URL in your developer OAuth 2.0 app.
2
Add Authorization and Token URL
Add the Authorization and Token URL required for OAuth authentication in the provided fields, select Client Authentication type and Save.
You can find both the URLs from the Authentication documentation of the custom app that you are setting up.
3
Setup Refresh Mechanism and API Base URL
In the API Setup section, provide the Base URL for the APIs and appropriate code i.e. Expired Access Token Codes which is received on token expiry for the Refresh mechanism to work.
4
Extract Access Token & Refresh Token
In the Auth Tokens Data section, you will provide the mapping using which the tokens can be extracted once received on callback on successful authorization.
Usually an object is received after authorization which will be saved as access_token_response on Cobalt’s end and you need to provide the key mapping of the required fields from the object.
5
Setup Identifier
Optionally, you can also provide an endpoint which will be called and used to set a field from the API response to use as an identifier for the user.
Its recommended to provide a GET API endpoint to perform validation, so as to avoid modifying any data using the credentials.
Congratulations!
You have successfully setup a OAuth 2.0 Custom Application in Cobalt.
Select this option if no authentication is required for accessing the custom app.
By using the OpenAPI Spec doc, actions were created in your integration. You can check all the actions that were created by navigating to Custom Actions tab of the app.
You can also edit an existing action or add a new action if required from this tab.
To create an action, click on the New Action button and provide a Name and Description.
Add any required or optional Fields for the API and add the API under API Call section.
Provide the API by breaking it into 2 parts i.e. Base URL and the Endpoint.
Adding a new action is similar process to how you add an API Proxy in Cobalt. Refer here.
You have successfully created a Custom App in Cobalt using the OpenAPI Spec documentation.
