Authenticeren via Oauth 2.0
Click here for generic information about Oauth 2.0: Open API
i-Reserve is configured to work with grant type "authorization code".
This article describes how i-Reserve can be used as an identity provider for authentication.
The external application is asking i-Reserve to verify whether a given user has give certain rights (also known as the scope).
Usually it is the external application which is offering services to the end user (service provider).
Next to this, the Oauth authentication method is also used to connect functionality in i-Reserve with the functionality of the external application (i.e. a calendar synchronisation).
The Oauth credentials are available in the API and can be used to edit data but also to setup web hooks.
Steps
The steps for setting up an authenticated user:
- Register external application in i-Reserve by making a client_id and client_secret.
- Register i-Reserve in the external application
- Make a connection from the external application to i-Reserve
1. Register external application in i-Reserve by making a client_id and client_secret
Log in as administrator in i-Reserve backend and go to the configuration panel.
Select the menu "Oauth clients" in the menu "System".
Make a new client_id. The client_id must be unique for the environment but can be any text value.
Example: the client_id for Microsoft Flow could be "ms_flow".
Enter a secret, Use a secret generator if needed for creating a random string.
The maximum length of the secret is 80 characters. Do not use a secret which is short. Preferrably 32 characters.
Example: "rgPpaGtvJHJevYzPjt45QF71LXxRpVbM".
Enter an optional redirect_uri for the external application. This information comes from the external application.
The redirect_uri is used to redirect the user after succesfull authenticating.
2. Register i-Reserve in the external application
This step is dependant on the functionality of the external application.
The attributes which are needed are the ones in the table below.
{{endpoint}} is the base URL of the environment where the connection needs to be made to.
This could be: demo.i-reserve.net
| client_id | as created in step 1 |
| client_secret | as created in step 1 |
| Authorization URL | https://{{endpoint}}/oauth/authorize |
| Access Token URL | https://{{endpoint}}/oauth/token |
| Refresh Token URL | https://{{endpoint}}/oauth/token |
3. Make a connection from the external application to i-Reserve
This step is also dependant on the usage of the external application.
The application tries to connect based on the data from step 2.
If correctly configured, a login modal appears for entering the user credentials.
After that a permission screen is show where the user can grant permission for the requested scope.
