OOB Web Services Connector for Cornerstone: How to specify SCOPE

8.4p1

I’m attempting to connect to a 3rd Party REST Web Service (Cornerstone) which requires a SCOPE be specified in the Access Token request. The configuration for this integration is as follows:

  • Application Type: Web Services
  • OAuth2
  • Client Credentials

I’m getting the below error in IIQ. Note that all works well in SOAPUI but there I’m able to specify a SCOPE to obtain the Access Token prior to making the request. So the question is…how/where do I specify the SCOPE in IIQ so that when IIQ submits the request to the TOKEN URL for an Access Token the 3rd party service will return one?

Exception occurred in Test Connection. Error: Exception occurred while generating access token: Unable to generate access token. Response returned: {“status”:“400”,“timeStamp”:“2024-07-31T20:57:03+0000”,“error”:{“errorId”:“6bac4432-13e0-4e81-ac39-d50ef180381c”,“message”:null,“code”:“invalid_request”,“description”:“Cannot generate token. Bad request”,“details”:null}}

Hi @DanO1,

you can use an beforeProvisionOperation rule on your operation for building and execute the call for token with own attribute.

You can build the rest or soap call, keep the return value(token) and put it on the header of requestEndPoint with scope attribute. Something like this:

//CALL
headers.put("Bearer", token);
headers.put("Scope", scope);
requestEndPoint.setHeader(headers);

return requestEndPoint;

Hi @DanO1,

I would look into the ‘Custom Authentication’ mechanism (Operation) within the WebService Connector.
Since the ‘Scope’ is not provided in the default configuration - this operation enables you to run the API call with the required parameters & generate the accessToken before the other operations are called.

Have a look at this article which also correctly defines how you should encrypt your keys.

Hope this helps.

Thank you @enistri_devo and @kyle1 for the responses. Here is what we found the answer to be…

  1. Open the application xml in debug
  2. add the following within the attributes tag
<entry key="oauth_request_parameters">
       <value>
         <Map>
           <entry key="scope" value="employee:read"/>
         </Map>
       </value>
     </entry>

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.