Login to your Pabbly Connect account: https://accounts.pabbly.com/login.
In case, you don't have a Pabbly Connect account then, you can create one from here: https://accounts.pabbly.com/signup/
Once you have logged in to your Pabbly Connect account then, you can start building your app integration through this link: https://connect.pabbly.com/app
In case, you don't have a Pabbly Connect account then, you can create one from here: https://accounts.pabbly.com/signup/
Once you have logged in to your Pabbly Connect account then, you can start building your app integration through this link: https://connect.pabbly.com/app
- Create a New App.
Once you got logged in to Pabbly Connect App area, you can now create your first application as shown below:
Click the Create App button and Enter a user-friendly name of your app e.g. Dropbox
- Brief Description of the App.
Enter a brief description of your app e.g. Dropbox lets anyone upload and transfer files to the cloud, and share them with anyone.
- App Logo
Upload your app logo in .png format. Image size should be 64x64 in px.
- Auth Types
Authentication - When an entity establishes its identity through authentication, it is said to be authentic. Authentication, to put it another way, establishes that you are who you claim to be. This is similar to possessing a valid driver's license that the requester, such as a police officer, may use as proof that you are who you say you are.
Pabbly Connect Integration supports eight different types of REST API Authentication methods explained as follows:
- No Auth
Select this authorization type when you need to just configure Webhooks Setup by Instructions based Triggers only for your app, not the actions.
- Basic Auth
Basic Auth lets you connect APIs that authenticate users with a username and password.
Username Label - Specify your Username field label name e.g API Key. By default, it is Username.
Password Label - Enter your Password field label name here e.g API Secret Key. By default, it is Password.
App connection will look like this -
- Bearer Token
On selecting this option, Pabbly Connect auto-creates the Token field in the connection area for the integrated app.
App connection will look like this -
- Headers
Select this option if the API request authenticates using a key-value pair in the request headers. In this option, you need to specify the header key while creating each and every action event of your app.
Here is an example of an action configured with Header Auth -
App connection will look like this -
- Parameters
Specify parameters if API request authenticates using a key-value pair in the query parameters e.g. api_key
App connection will look like this -
- Basic Auth (Access Response Token)
Access Token URL - Specify your app Access Token URL to obtain the access token e.g. https://api.sendpulse.com/oauth/access_token
Request Body Type - Define your app request body type from. By default, it is JSON.
Add Headers - Add Headers if your app requires a header to pass in an API request.
Send Params - Send Params if app auth requires to pass the query or URL parameters e.g. subdomain.
Received Parameters - Specify received parameters if the app requires to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
Token Key Name (Received) - Specify a token key name that you want to receive from access token JSON for further use in API requests e.g. access_token.
Token Key Name (Send) - Specify a token key name that you want to send for further use in API requests e.g. access_token.
Client Authentication - Specify any one of the following client authentications that your app auth requires.
- Send token in the header
- Send token in the body
Request Body (Raw JSON) - Specify raw JSON in the request body if the access token URL requires passing the raw JSON data.
App connection will look like this -
- OAuth 2.0
Redirect URL - Add this Redirect URL ( https://connect.pabbly.com/callback-url ) where you have registered your developer app.
Authorize URL - Specify your app Authorize URL to retrieve the authorization code e.g. https://www.facebook.com/v10.0/dialog/oauth
Token URL - Specify your app Token URL to exchange the authorization code for an access token e.g. https://graph.facebook.com/v10.0/oauth/access_token
Client ID - Specify your app Client ID e.g. 868906131
Client Secret - Specify your app's Client Secret e.g. 213017befaedd
Scope - Specify your app scope/permission. You can pass multiple scopes separated either by comma or space as per app requirement e.g. scope1 scope2 scope3 …
Sent Client Secret On Access Token (optional) - Required if your app auth requires Client Secret for requesting an access token.
Sent Client Credentials On Refresh Token (optional) - Required if your app auth requires Client Credentials for a refreshing access token.
Enable User-Agent (optional) - Required if your app auth requires a user agent.
Enable Encryption - Allows you to securely store the Client ID and Client Secret of the app in Database.
Refresh Access Token on Expiration - By enabling this option, Pabbly Connect will refresh the existing access token just before it expires. Otherwise, the token will be refreshed on every API call.
Client Authentication- Specify a client authentication that your app auth requires.
- Send as basic auth header.
- Send client credentials in the body.
Set App Auth Parameters (optional) - Set app auth parameters if your app auth requires to pass the query or URL parameters e.g. subdomain. Received App Auth Parameters (optional) - Specify if you need to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
- OAuth 2.0 (Authorization Code with PKCE)
PKCE (RFC 7636) is an extension to the OAuth2.0 Grant Type : Authorization Code flow to prevent CSRF and authorization code injection attacks.
PKCE was originally designed to protect the authorization code flow in mobile apps, but its ability to prevent authorization code injection makes it useful for every type of OAuth client, even web apps that use a client secret.
Redirect URL - Add this Redirect URL ( https://connect.pabbly.com/callback-url ) where you have registered your developer app.
Authorize URL - Specify your app Authorize URL to retrieve the authorization code e.g. https://www.facebook.com/v10.0/dialog/oauth
Token URL - Specify your app Token URL to exchange the authorization code for an access token e.g. https://graph.facebook.com/v10.0/oauth/access_token
Client ID - Specify your app Client ID e.g. 868906131
Client Secret - Specify your app's Client Secret e.g. 213017befaedd
Scope - Specify your app scope/permission. You can pass multiple scopes separated either by comma or space as per app requirement e.g. scope1 scope2 scope3 …Code verifier - A cryptographically random string used to correlate the authorization request to the token request. The code verifier is a cryptographically random string using the characters A-Z, a-z, 0-9, and the punctuation characters -._~ (hyphen, period, underscore, and tilde), between 43 and 128 characters long generated internally in Pabbly Connect.
Code challenge - Once Pabbly Connect has generated the code verifier, it uses that to create the code challenge internally. For devices that can perform a SHA256 hash, the code challenge is a BASE64-URL-encoded string of the SHA256 hash of the code verifier.
Code Challenge Method - Algorithm used to derive code challenge. Generally, applications use SHA-256.
Sent Client Secret On Access Token (optional) - Required if your app auth requires Client Secret for requesting an access token.
Sent Client Credentials On Refresh Token (optional) - Required if your app auth requires Client Credentials for a refreshing access token.
Enable User-Agent (optional) - Required if your app auth requires a user agent.
Client Authentication- Specify a client authentication that your app auth requires.
- Send as basic auth header.
- Send client credentials in the body.
Set App Auth Parameters (optional) - Set app auth parameters if your app auth requires to pass the query or URL parameters e.g. subdomain. Received App Auth Parameters (optional) - Specify if you need to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
If you want to explore more about OAuth and PKCE, check out these helpful resources to get started:- PKCE Example on the OAuth 2.0 Playground from Okta
- Call API using Authorization Code flow with PKCE from Auth0
- OAuth 1.0
Redirect URL - Add this Redirect URL ( https://connect.pabbly.com/redirect_url ) where you have registered your developer app.
Authorize URL - Specify your app Authorize URL to request user authorization e.g. https://api.twitter.com/oauth/authorize.
Request Token URL - Specify your app Request Token URL to obtain an OAuth Request Token to request user authorization e.g. https://api.twitter.com/oauth/request_token.
Access Token URL - Specify your app Access Token URL to exchange the OAuth Request Token for an OAuth Access Token e.g. https://api.twitter.com/oauth/access_token.
Consumer Key - Specify your app Consumer Key e.g. wed4MIeLqzAN
Consumer Secret - Specify your app Consumer Secret e.g. tXSycAAeOVwV
Encode the parameters in the Authorization header - Required if your app auth requires encoded parameters in the Authorization header.
Signature Method - HMAC-SHA1
Set App Auth Parameters - Specify if app auth requires to pass the query or URL parameters e.g. subdomain.
Received App Auth Parameters - Specify if you need to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
5. CURL HTTP Version (optional)
Specify a CURL HTTP Version that your app supports.
Watch the below tutorial for configuring the app and its authentication method:
Attachments
Last edited by a moderator: