Hi Team,
Could you guys clarify the recently released OAuth function will work for the below use case,
Outreach Authorization: - Outreach API Documentation
- Request an authorization code from an Outreach customer by redirecting them to the following URL:
https://api.outreach.io/oauth/authorize?client_id=<Application_Identifier>&redirect_uri=<Application_Redirect_URI>&response_type=code&scope=<Scope1+Scope2+Scope3>
- Once the Outreach customer has clicked
Authorize
they will be redirected back to your link’sredirect_uri
with acode
query parameter. That code is a short-lived authorization token, and you can exchange that code for an access token, which can then be used to make API requests on behalf of the customer. To receive an access token, make a POST request to the following URL with the following parameters:
curl https://api.outreach.io/oauth/token \
-X POST \
-d client_id=<Application_Identifier> \
-d client_secret=<Application_Secret> \
-d redirect_uri=<Application_Redirect_URI> \
-d grant_type=authorization_code \
-d code=<Authorization_Code>
- A successful response to this request will return a JSON payload including the
access_token
, arefresh_token
and anexpires_in
timestamp. The access token can be used to make authenticated requests on behalf of the customer but will expire once theexpires_in
attribute has passed. (Tokens are also revoked when the customer revokes their authorization grant.) Once the access token has expired, you can retrieve a new one by using therefresh_token
grant type and by passing the refresh token to thecode
parameter:
curl https://api.outreach.io/oauth/token \
-X POST \
-d client_id=<Application_Identifier> \
-d client_secret=<Application_Secret> \
-d redirect_uri=<Application_Redirect_URI> \
-d grant_type=refresh_token \
-d refresh_token=<Refresh_Token>
Note:
- Each user/application pair can generate a maximum of 100 access refresh tokens at any given time.
- Access tokens remain active for 2 hours
- Refresh tokens remain active for 14 days. To automate the API authentication, use the refresh tokens to sustain the session at runtime.
I tried it and getting the error message as,
{
status: 400,
headers: {
‘content-type’: ‘application/json’,
‘content-length’: ‘150’,
connection: ‘close’,
date: ‘Mon, 28 Jun 2021 07:38:33 GMT’
},
response: ‘{“error”:“Unsupported authorization header.”,“description”:“The Authorization header must have the format ‘Bearer access_token’ with a single space.”}’,
attempts: 1,
errorSource: ‘APP’
}