A while ago we already published a post about OAuth2 replacing basic authentication. In that post, we announced some components that will make it a lot easier to set up authentication. The components are now available!
In the following lines we will recap what OAuth2 is, why it’s so important, and how and where OAuth2 can be used in Dovetail.
At the end of this post, you can find 2 examples of how OAuth2 can be set up in Dovetail.
What is OAuth2?
OAuth2 (Open Authorization 2.0) is an authorization framework that allows third-party applications to access resources on behalf of a user, without requiring the user to share their credentials with the third-party application. It provides a secure and standardised way for users to grant limited access to their protected resources on one website (the resource server) to another website or application (the client).
After the first and only authorization process between the resource server and the resource owner (user) has completed successfully, the client obtains an access token from the authorization server.
Once the client receives an access token, it can include this token in its requests to the resource server. The access token serves as proof of authorization and allows the client to access the protected resources on behalf of the resource owner.
Why is it an important feature?
With Dovetail it’s all about integration and security. OAuth2 will provide a more secure and standardised framework for user authentication and authorization.
When was OAuth2 support for Dovetail introduced?
In 2022, Dovetail became aware that Microsoft would turn off Basic authentication (on 1 January 2023) for multiple protocols, including POP, IMAP and SMTP AUTH, for many Exchange Online tenants. It became necessary to switch to Modern authentication: OAuth2 token-based authorization.
OAuth2 was introduced in Dovetail 4.13.0 (September 2022). We wrote a blog post about it.
How do I set up OAuth2 in Dovetail?
Setting up OAuth2 (SetOAuth2Token component) in Dovetail in 3 steps:
After a successful authorization, you have a valid access token in the header or global variable whose name you specified in the first step.
Where can I use the access token in Dovetail?
At this moment it’s possible to use the access token in the following components:
How do I handle the expiry of the access token?
The access token will expire after some time. How can I get a new one, without repeating the first authorization process?
Add a Scheduler component as an entry point in the same flow where the SetOAuth2Token component is used. This way the access token will be checked and refreshed automatically if necessary.
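What such a scheduled check amounts to, as an added example that is not Dovetail's own code: it assumes the refresh uses the standard OAuth2 refresh_token grant (RFC 6749, section 6). The names scheduled_check, post, EXPIRY_SKEW and DEFAULT_LIFETIME are hypothetical, and the sample token and endpoint reply are constructed.

```python
import time
from urllib.parse import urlencode

EXPIRY_SKEW = 60        # refresh this many seconds early
DEFAULT_LIFETIME = 300  # assumed lifetime if the server omits expires_in


def needs_refresh(token, now, skew=EXPIRY_SKEW):
    """True when the token is expired or expires within `skew` seconds."""
    return token["expires_at"] - skew <= now


def build_refresh_request(token, client_id, client_secret):
    """Form body for the refresh_token grant (RFC 6749, section 6)."""
    return urlencode({
        "grant_type": "refresh_token",
        "refresh_token": token["refresh_token"],
        "client_id": client_id,
        "client_secret": client_secret,
    })


def scheduled_check(token, post, client_id, client_secret, now=None):
    """One scheduler tick: return the token to use, refreshing only if needed.

    `post` is a hypothetical callable that sends the form body to the token
    endpoint over TLS and returns the parsed JSON reply as a dict.
    """
    now = time.time() if now is None else now
    if not needs_refresh(token, now):
        return token
    reply = post(build_refresh_request(token, client_id, client_secret))
    if "access_token" not in reply:
        # e.g. invalid_grant: the refresh token was revoked or has expired,
        # so the one-time user authorization must be repeated.
        raise RuntimeError("refresh failed: " + reply.get("error", "unknown"))
    return {
        "access_token": reply["access_token"],
        "expires_at": now + int(reply.get("expires_in", DEFAULT_LIFETIME)),
        # The server may rotate the refresh token; otherwise keep the old one.
        "refresh_token": reply.get("refresh_token", token["refresh_token"]),
    }


if __name__ == "__main__":
    # Constructed sample: token expiring in 30 s and a fake token endpoint.
    old = {"access_token": "old", "refresh_token": "r1", "expires_at": 1030}
    fake = lambda body: {"access_token": "new", "expires_in": 3600}
    print(scheduled_check(old, fake, "demo-client", "demo-secret", now=1000))
```

Refreshing slightly before expiry keeps requests that are already in flight from carrying a token that dies on the way, and the error branch marks the one case where the user has to authorize again.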
Can this process be even simpler?
In a future release, OAuth2 will be integrated directly into Dovetail, making integration even easier.
Below you can find 2 examples of using OAuth2 in Dovetail. Hopefully you now have a good understanding of how OAuth2 works and can apply it properly in Dovetail.