OAuth2: Client credentials grant
This is very similar to the auth code flow use OAuth2 based authentication as it ensures high security.
For this, you'll need to create an OAuth app with the third party service.
You will then need:
client ID and client secret of the OAuth app
authentication URL and access token URL of your third party service
Authentication Demo: TwitchCopy
To demonstrate how to set up an OAuth2 service with Client credentials grant flow, this demo will use the Twitch API docs for the remainder of this example.
Note for ParameterizationCopy
Parameterization allows you to provide the values for fields like Client Id, Client Secret and the API url at the time of creating authentications. It adds:
reusability as you can use different OAuth apps in different integrations by creating a single service
security as you don't have to expose the values in the services page and you will only feed them while creating the auth.
Here's an example on how it can make your service reusable:
Shopify has custom URL for domains, you can parameterize the url in the OAuth 2 settings by passing a placeholder as:
Now you can add the same placeholder value below in the 'Authentication parameters' section
NOTE: The unique property key has to match the placeholder value you passed in the settings.
Redirect URL note for embeddedCopy
If you need a white-labelled solution, you can add another redirect URL
The above URL will replace the redirect URI query parameter in the config wizard/auth-only domain when your end users configure their solution instances.