Creating connections to many 3rd party APIs #5394
Replies: 3 comments
This comment was marked as off-topic.
This comment was marked as off-topic.
-
How does the third party service pass the users Auth token to Logto? Is
the user redirected when they try to use a resource they dont have a token
for ?
…On Wed, Feb 7, 2024 at 8:59 PM Darcy Ye ***@***.***> wrote:
I would say yes, you can add multiple third-party API resources, and all
possible scopes under the resource. Grouping the scopes, create
corresponding roles, and then assign the roles to your end-users. Your
end-users will receive the corresponding scopes after completing the
authorization flow.
For more details, you can refer to
https://docs.logto.io/docs/recipes/rbac/.
—
Reply to this email directly, view it on GitHub
<#5394 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/BEWP7CCDRWPSFHKBGQVSSUTYSQWQ7AVCNFSM6AAAAABC6EI3I2VHI2DSMVQWIX3LMV43SRDJONRXK43TNFXW4Q3PNVWWK3TUHM4DIMBRHE4TA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
I apologize for my previous misunderstanding of your use case. My previous response could be misleading and I have hidden it. Based on your description, we believe that your requirement is to obtain and manage access tokens issued by third-party apps through user authorization. With the current Logto system, you can redirect users to the authorization page of third-party apps through connectors and obtain access tokens later. You can declare the I am not quit familiar with the details of Zapier's workflow, but I can imagine that authorization actions that require user authorization are prone to expiration (even if third-party apps like Google issue refresh tokens at the same time as access tokens). This means that users may need to be engaged frequently and should authorize various apps frequently, which may severely damage the user experience. We believe that a better solution is to use the client credentials grant to obtain access tokens from third-party platforms. In this way, all work can be done in the background without the need for frequent user intervention. In this case, you may not need to integrate Logto. |
Beta Was this translation helpful? Give feedback.
-
Our goal is to enable a Zapier or Make.com style system in which the end user authorizes my app to use access their accounts on 3rd party providers with different scopes and stores and refreshes the tokens. So a user can come and allow us to access 5 scopes on Google, 3 on Asana and 4 on Facebook. Is this possible using Logto now?
Beta Was this translation helpful? Give feedback.
All reactions