Custom app - Getting token using oAuth2 without redirect not working

Custom Apps
1

Hello, I have been struggling with this for a while.

basically I want the user to enter client_id, client_secret, grant_type and scope when creating a new connection, The connection should then get the token using this data, but it does not seem to be doing that.

code below is one thing I have tried, also tried to put the body in seperate objects wihtout any luck. I also tried to set the type to other things.

I don’t get any errors when add the connection but I always get back 401 not authorized when I run the module.

I have been looking for a way how to see the request from the token fetch but that seem to deeply hidden somewhere at makes servers.

When I look in dev tools plugin I see the same as in the ui, 401 error.

there is nothing wrong with the service, I can successully get the token using both postman and curl

what am I doing wrong and how do I see what’s going on during the connection request?

CONNECTION

{
    "type": "other",
    "authorize": {
        // Not needed for client credentials grant (no user redirection)
    },
    "token": {
        "url": "https://connect.visma.com/connect/token",
        "method": "POST",
        "headers": {
            "Content-Type": "application/x-www-form-urlencoded"
        },
        "body": "client_id={{parameters.client_id}}&client_secret={{parameters.client_secret}}&grant_type={{parameters.grant_type}}&scope={{parameters.scope}}",
        "response": {
            // Directly map the access_token to the connection object
            "accessToken": "{{body.access_token}}"
        }
    },
    "info": {
        // Optional: Validate the token by making a test API call
        "url": "https://business.visma.net/api/graphql-service",
        "method": "POST",
        "body": {
            "query": "query { availableCompanies { totalCount } }"
        },
        "headers": {
            "Authorization": "Bearer {{connection.accessToken}}"
        }
    }
}

BASE

{
    "baseUrl": "https://business.visma.net/api/graphql-service",
    "headers": {
        "Authorization": "Bearer {{connection.accessToken}}",
        "Content-Type": "application/json"
    },
    "body": {
            "query": "query { availableCompanies { totalCount } }"
        },
       
	"response": {
        "valid":"{{!body.error}}",
		"error": {                                       
			"message": "Base Error[{{statusCode}}] {{body.error}} {{body.detail}} AccessToken: {{connection.accessToken}} {{connection.token}}" 
		}
	}

}
2

Hi @tadrian,

At first glance, the data directive in the response of the authorize call seems to be missing. The data directive saves data to the connection so that it can be later accessed from a module through the connection variable, which you are doing in the info call. E.g.:

    "response": {
        "data": {
            "accessToken": "{{body.access_token}}"
        }
    }

Also, I see no sanitazion, so your credentials are exposed. And on second glance, you are also missing the type directive, you can use type: “urlencoded” to pass the body as JSON. (but maybe your approach could work, too)

Tip: create a new Client Credentials connection in your Custom App, it will show you a default communication, which you can tweak to your likings.

Cheers,
@Henk-Operative

3

thanks, but I have kind of tried everything by now, removed all the fuzz like sanitize.
tried your response code but still no luck

4

is it possible for you to create a connection that should work, and instruct me how I can verify the request and response of the connection?

5

Custom Apps are advanced stuff. I can give you some guidance for free on this community, but if you need one-on-one support, or want a solution built, I cannot voluntarily offer my valuable time. I hope you understand that. If you wish, you can plan a meeting with me.

If you are not interested in that, which I would understand, you are at the merci of this community.

As with all development issues, try solving the problem step by step. Try to use the Make DevTools and the network tab to get some insights on the calls performed by Make and the responses received.

Also, please share your exact code (except for sensitive data) and the documentation of the Visma API you are trying to reach.

Cheers,
Henk

6

I understand, no worries!

I am at the point where I have tried everything , so not really sure what code to share anymore.

i have read the developer documentation for base, connection and module so many times and have tried all the different connection templates and also looked at all the examples in the vscode extension

I have been able to run my module without errors but it doesnt return anything

I am starting to think that it is not posible, because I do not see any examples of what I am trying to do.

  1. when the connection is created it should get the apikey using POST to the token endpoint (also refreshed)
  2. when the module run it should do a POST and get the JSON from the graphql endpoint
  3. the module should return the json from the POST into an interface variable I can use in other modules.
7

Since it is possible to create the authentication via Postman/cURL, I trust it will be possible via Make. Don’t give up hope just yet.

Have you added "type": "urlencoded" to the token request and the body as a JSON object like this?

"body": {
			"client_id": "{{parameters.client_id}}",
			"grant_type": "client_credentials",
			"client_secret": "{{parameters.client_secret}}"
		}

Additionally, you can replace the URL of the requests with a webhook or a service like ‘Webhook.site - Test, transform and automate Web requests and emails’ to double-check if the payload sent from Make is what it should be.

Cheers,
@Henk-Operative

1 Like
8

thanks, interesting. how do I do that?

9

I have removed the base and tried to minimize as much as possible.
here is what I have now, same error what ever I do

CONNECTION

{
	"token": {
		"url": "https://connect.visma.com/connect/token",
		"method": "POST",
		"type": "urlencoded",
		"body": {
	        "client_id": "{{parameters.client_id}}",
            "client_secret": "{{parameters.client_secret}}",
            "grant_type": "{{parameters.grant_type}}",
            "scope": "{{parameters.scope}}"
        },
		"response": {
			"data": {
				"accessToken": "{{body.access_token}}" 
			}
		}
		
	}
}

MODULE


{
    "url": "https://business.visma.net/api/graphql-service",
    "method": "POST",
    "headers": {
        "Content-Type": "application/json",
        "Authorization": "Bearer {{connection.accessToken}}"
    },
    "body": {
       "query": "query { availableCompanies { totalCount items { name vismaNetCompanyId vismaNetCustomerId } } }"
    },
    "response": {
        "data":{
            "output": "{{body}}"
        }
    } 
}

image
image776×634 56.1 KB

image
image851×696 61.7 KB

Authentication | Business NXT API | Visma Software Documentation

10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.