Re: Oauth 2.0 authorization process

Anonymous
Not applicable

Oauth 2.0 authorization process

We are trying to integrate Marketo with our application but i have a question about oauth authentication process described at http://developers.marketo.com/documentation/rest/authentication/.

In oauth 2.0 standerd, user should create an oauth app and whose client id and client secret will be used to fetch the access token to any user account. Only user should authorize the App to interect with his data(according to the scope defined while authrorizing the App).

But here there is not such authorization process and to fetch to the access token, we have to provide the client key and client secret of every account like below:

<Identity Service URL>/oauth/token?grant_type=client_credentials&client_id=<custom_service_client_id>&client_secret=<custom_service_client_secret>

Please help us to understand this difference or there is something which we are missing here.
Tags (1)
2 REPLIES 2
Anonymous
Not applicable

Re: Oauth 2.0 authorization process

Are you asking if you need the keys for every client? You do, in our model. We are looking at options for extending this in a better way, but for now folks usually have a UI where the customer puts in their API credentials.
Anonymous
Not applicable

Re: Oauth 2.0 authorization process

I'm also interested on when the full oauth2 flow will be implemented... We have a different flow for Marketo than other oauth2 providers.