I am currently using OAuth 2.0 code grant authentication to connect to external system. I am able to generate token as pass it as an authorization header to the external system. But the problem is I am using connected system to get the access token but after the successful authentication i am getting id_token and access_token in the response. I am supposed to pass id_token as an authorization header but access_token is being sent as authorization header.
Help is appreciated. I am looking for any of the solution below or new option
1- How to extract connected system response into a variable?
2- Without using connected system how to generate OAuth2.0 token with Grant type as "Authorization Code".
3- How can I tell the connected system to pass id_token as a header rather than access_token?
Discussion posts and replies are publicly visible
Hi Jagadeesh,
As mentioned in the Integration object designer for the third option,
Default headers will be added to the request automatically. Add headers here to override or extend the default headers. Tip: Test the request to see which headers are being added before adding your own.
Hello Jagadeesh !
Have u found any solution to your above questions ?
I also need to extract connected system response into a variable. Please do let me know if you have a solution ? TIA
No. I didn't get a solution to get connected system output into variable. We are able to overcome this issue by configuring Azure AD to generate only one token rather than 2 tokens.
okay.
My actual use case is - I need to authorize the user against Azure AD every time he click on a save button. I am able to authorize for the first time using by a connected system using OAuth 2.0 Authorization Code Grant by receiving an access-token and this access token has an expiry of 15 mins. So all the sub-sequent integration calls are getting authenticated for next 15 mins but I want to restrict it and force the user to re-authenticate again via the connected system
I think this can be managed at Azure AD itself. Reduce the expiry time or deactivate access token once it is used. Try checking with AD team
Thank you. Reducing the expiry might not work as user could click multiple saves with in that expiry.
Other option - deactivate access token once it is used sounds good if it is possible. will check with AD team