Tray Embedded / Core Topics / Authentications / Mapping and editing Auths

Mapping and editing Auths

Mapping Authentications

In order to map an End User's Authentications to their Solution Instances, you can run a GraphQL query which combines listing their Solution Instances and Authentications.

This query requires a User access token (obtained as per Create User Token) to be passed as the Bearer in the request header:

query {
viewer {
solutionInstances {
edges {
node {
id
name
authValues {
authId
externalId
}
}
}
}
authentications {
edges {
node {
id
name
}
}
}
}
}

An example result would be:

{
"data": {
"viewer": {
"solutionInstances": {
"edges": [
{
"node": {
"id": "5f85b697-7b1b-4a1b-9c8f-5d7dabe22634",
"name": "Slack channel solution 1",
"authValues": [
{
"authId": "569adf96-3c05-40a6-b565-07e829d2c56d",
"externalId": "external_slack_authentication"
}
]
}
},
{
"node": {
"id": "41bbe979-d162-4c02-b03b-e8ca7f5c02f5",
"name": "Slack and Trello solution 1",
"authValues": [
{
"authId": "0b07a653-fbc3-4e91-9893-b8d4121471c3",
"externalId": "external_trello_authentication"
},
{
"authId": "a29d8a87-4b58-49a3-928d-99901f41c698",
"externalId": "external_slack_sales_dept_authentication"
}
]
}
}
]
},
"authentications": {
"edges": [
{
"node": {
"id": "569adf96-3c05-40a6-b565-07e829d2c56d",
"name": "Roger Ramjet's Slack Account"
}
},
{
"node": {
"id": "0b07a653-fbc3-4e91-9893-b8d4121471c3",
"name": "Roger Ramjet's Trello Account"
}
},
{
"node": {
"id": "a29d8a87-4b58-49a3-928d-99901f41c698",
"name": "Roger Ramjet's Slack Account 2"
}
}
]
}
}
}
}

This information can then be used to map Instances and Authentications in your application.

Note that the above example shows that one End User can have two different authentications for the same service - in this case for Slack authentications. The authId tells you which auth has been used for which Solution Instance.

The unifying identifier here is the authId - this can be used to map any of the other values such as name and id of the Solution / Instance and name of the Authentication,

Note also that externalId is an auto-set value which you can edit when creating your Solution:

externalId is primarily used for importing already-made authentications, when it is passed along with authId to identify what service within the solution the authentication is for.

Editing Authentications

If an End User needs to edit an authentication you can allow them to do this with the following url which accepts the authid:

https://embedded.tray.io/external/auth/edit/embeddedId/authId?code=authorizationCode

Remember that embeddedId is the value that you set when configuring your Config Wizard CSS

And that {authorizationCode} is the one-time use code that must be generated as per Create Config Wizard Authorization Code

You can remove the tray.io domain and whitelabel the Config Wizard url. If you have done so then embedded.tray.io will be replaced with e.g. acme.integration-configuration.com

Skipping Auth naming page

For OAuth services you can skip the title page and go straight to the scopes selection page by adding the skipTitleField=true query parameter to the above url.

Skipping Auth settings page

For OAuth services (i.e. non-token-based) you can skip both the title page and settings page (i.e. login details) and go straight to the scopes page by using the skipAuthSettings=true query parameter.