Expose OAuth Endpoints


Zapier gives me a list of things that I will need to configure for the zapier app to be able to communicate with my app vi OAuth. I think this is a good way to call out the routes I need to build.

  • Authentication Type
    • OAuth V2 w/refresh
  • Client ID
    • AKA “Consumer Key” or “API Key”
    • zapier
  • Client Secret
    • AKA “Consumer Secret” or “API Secret”
    • asdjhalsgdhgaposdigu (some string)
  • Authorization URL
    • For now I will list what I see the consent app presenting.
    • http://localhost:4444/oauth2/auth?client_id=demo&redirect_uri=http%3A%2F%2Flocalhost%3A4445%2Fcallback&response_type=code&scope=offline+openid&state=demostatedemostatedemo&nonce=demostatedemostatedemo
    • They say that they will construct and append the querystring for me. So I don’t think I need any of the garbage.
    • I clearly need to expose Hydra (4444) as this route.
    • I’ll tell Zapier my string is:
      • http://localhost:4444/oauth2/auth
      • OR
      • http://app.flowmojo.com/api/v1/oauth2/auth
  • Access Token URL
    • I think this one should just be:
      • http://app.flowmojo.com/api/v1/oauth2/token
  • Refresh Token URL
    • I get a 404 for this URL
      • http://app.flowmojo.com/api/v1/oauth2/refresh
    • Spec says this URL should be fine:
      • http://app.flowmojo.com/api/v1/oauth2/token
  • Scope
    • “read write offline openid”
  • Access Token Placement
    • [blank]


I added some stuff to the zapier app and then tried the integration It tried to go here!


That’s progress!

Next up, I need to configure Zapier’s desired route to be the right one for our application.