OAuth 2.0 - Authorization Code
Use this grant for secure, delegated access to user data.
Configuration Steps
Configure your Fields: Add optional user-specific inputs (e.g.,
Region,Environment).Copy your OAuth Redirect URL: Copy from viaSocket and paste into your app’s developer console. Must match exactly.
Enter Application Credentials: Enter
Client IDandClient Secretfrom your app’s developer dashboard.Configure Authorization Endpoint: Enter the login page URL (e.g.,
https://service.com/oauth/authorize).Configure Access Token API: Enter the endpoint that exchanges the login code for an
access_token.Configure Refresh Token API: (Optional) Enter to extend session life automatically.
Configure Revoke Token API: (Optional) Enter to allow users to disconnect their account.
Configure Test (Me) API: Provide a lightweight endpoint (e.g.,
/me) to validate the connection.Add Connection Label: Set a dynamic name using placeholders (e.g.,
{{email}}).Add Icon: Enter the key from your Test Endpoint response containing the user's avatar URL (e.g.,
{{profile_image}}).Add URLs to Whitelist: Whitelist only the base domains required for your API calls.
Add Unique Connection Identifier: Map a field (e.g.,
account_id) to prevent duplicate connections.Set Request Parameters: Define default headers/params applied to every API call.
Disable Whitelist Domain Validation - Allows API calls to any domain, not just the ones listed above.
Common Request Parameters
Use Case | Key | Value |
Bearer Token |
|
|
API Key |
|
|
⚠️ Warning: Do not include sensitive data or dynamic values that change per-endpoint here. Use this for global, static requirements only.
How it Works?
User clicks Connect.
User authenticates via the app's login page.
App sends a temporary code to viaSocket.
viaSocket exchanges the code for an
access_tokenand initiates the session.