How to connect with OAuth authentication

Comm100 allows you to access its APIs via the following authentication methods. Learn more about the API Authentication.

• API Key Authentication
• OAuth Authentication

OAuth is an open-standard authorization protocol that provides applications with “secure designated access.” OAuth does not share password data but instead uses authorization tokens to prove an identity between consumers and service providers.

You can use OAuth to authenticate all your API requests to Comm100. OAuth provides a more secure way for your application to access your account data without requiring sensitive information like email and password to be sent with the requests.

Step 1: Get the Client ID of OAuth Client

To get the Client ID of OAuth Client, follow these steps:

1. Log in to your Comm100 Control Panel.
2. From the left navigation menu, go to Global Settings > Security > OAuth Client.
3. If OAuth Client has been created already, just click Operation->Edit, then get the Client ID. Otherwise, Click New OAuth Client.
   
4. Enter the following OAuth Client details, and click Apply:

• Client name: The Client name is displayed to users when asked to grant access to your application or when viewing all apps that have been granted access.
• Description: A short description of your Client for users to consider access to your application.
• Company: This name is displayed when users are asked to grant access to your application. The name helps users understand to whom they are granting access.
• Client ID: Used as the identifier of your Client in code.
• Redirect URLs: Specify the URL (comma separated) that Comm100 should use to redirect users after they decide whether to authorize your application to access Comm100. The URLs must be absolute and not relative.
  

Your OAuth Client is successfully created and listed on the OAuth Client page, and get the Client ID from the OAuth Client.

Step 2: Get the OAuth Access Token

To get the OAuth Access Token, follow these steps(Postman or CURL):

Postman

1. Log in to Postman.

2. Go to Home > Create New > HTTP Request.(Menu might be differect on different Postman version)

3. Select the POST method and provide the URL. While generating an access token, the API request should start with your platform domain followed by the curl command, which is different from other API requests.
   For example, if your Control Panel domain is dash17.comm100.io, the API request should be https://dash17.comm100.io/oauth/token
   

4. Go to Body > x-www-form-urlencoded tab.

5. Input the following Keys and their Values. To learn more about the OAuth token parameters, see OAuth Authentication.
   

For example:

• email: XXXXXXXX
• password: XXXXX
• grant_type: password
• client_id: XXXXXX
  Note: Client ID is from Step 1: Get the Client ID of OAuth Client

6. Click Send.
   You get the OAuth Access Token to call APIs.
7. Copy the OAuth Access Token to your clipboard.
   

CURL

curl https://dash17.comm100.io/oauth/token \ 
-X 'POST' \ 
-H 'Content-Type: application/x-www-form-urlencoded' \ 
-D 'grant_type=password&email={comm100_agent_email}&password={comm100_agent_password}&client_Id={comm100_oauthClient_clientId}'

Step 3: Use the OAuth Access token & client ID to call an API

To call an API using the OAuth Access Token, follow these steps(Postman or CURL):

Postman

1. Select the GET method and provide the API request URL. The following example requests a Get a single Chat API: https://api17.comm100.io/v4/livechat/chats/fdbf4b5c-ce71-442f-a84c-28ee83aa3922

2. Go to the Authorization tab and choose the authentication type as OAuth 2.0.

3. Paste the OAuth Access Token in the Access Token field.

4. Ensure that the Header Prefix field is Bearer.

5. Click Send.
   

CURL

curl https://api17.comm100.io/v4/livechat/chats/93561bad-bc6d-4d97-b6da-6f5d91d0f18c \ 
    -X 'GET' \ 
    -H 'Authorization: Bearer {access_token}' \ 

To learn about Comm100 API request URL, see Server API (Restful) Reference.