This documentation provides a detailed, step-by-step guide on how to configure the trigger event within Pabbly Connect.
Follow these steps to establish a connection within Pabbly Connect:
Before proceeding further, please review the authentication methods elucidated in the article. Learn more
If you want to explore more about OAuth and PKCE, check out these helpful resources to get started:
Redirect URL - Add this Redirect URL ( https://connect.pabbly.com/redirect_url ) where you have registered your developer app.
Authorize URL - Specify your app Authorize URL to request user authorization e.g. https://api.twitter.com/oauth/authorize.
Request Token URL - Specify your app Request Token URL to obtain an OAuth Request Token to request user authorization e.g. https://api.twitter.com/oauth/request_token.
Access Token URL - Specify your app Access Token URL to exchange the OAuth Request Token for an OAuth Access Token e.g. https://api.twitter.com/oauth/access_token.
Consumer Key - Specify your app Consumer Key e.g. wed4MIeLqzAN
Consumer Secret - Specify your app Consumer Secret e.g. tXSycAAeOVwV
Encode the parameters in the Authorization header - Required if your app auth requires encoded parameters in the Authorization header.
Signature Method - HMAC-SHA1
Set App Auth Parameters - Specify if app auth requires to pass the query or URL parameters e.g. subdomain.
Received App Auth Parameters - Specify if you need to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
Follow these steps to establish a connection within Pabbly Connect:
- Login to your Pabbly Connect account
- In case, you don't have a Pabbly Connect account then, you can create one from here.
- Once you have logged in to your Pabbly Connect account then, you can start building your app integration form here.
Before proceeding further, please review the authentication methods elucidated in the article. Learn more
- Getting Started:
1. Create a New App
After logging in to the Pabbly Connect App area, you can proceed to create your first application following the steps outlined below.
Click the "Create App" button and Enter a user-friendly name of your app e.g. Dropbox
2. Brief Description of the App
Enter a brief description of your app e.g. Dropbox lets anyone upload and transfer files to the cloud, and share them with anyone.
3. App Logo
Upload your app logo in .png format. The image size should be 64x64 in px.
- Auth Types
Authentication - When an entity establishes its identity through authentication, it is said to be authentic. Authentication, to put it another way, establishes that you are who you claim to be. This is similar to possessing a valid driver's license that the requester, such as a police officer, may use as proof that you are who you say you are.
Pabbly Connect Integration supports eight different types of REST API Authentication methods explained as follows:
- No Auth
Select this authorization type when you need to just configure Webhooks Setup by Instructions-based Triggers only for your app, not the actions. - Basic Auth
Basic Auth lets you connect APIs that authenticate users with a username and password.
Username Label - Specify your Username field label name e.g API Key. By default, it is Username.
Password Label - Enter your Password field label name here e.g API Secret Key. By default, it is Password.
This is the configured user will see it on the front end.
- Bearer Token
On selecting this option, Pabbly Connect auto-creates the Token field in the connection area for the integrated application.
App connection will look like this -
- Parameters
Specify parameters if the API request authenticates using a key-value pair in the query parameters e.g. api_key
App connection will look like this -
- Basic Auth (Access Response Token)
Access Token URL - Specify your app Access Token URL to obtain the access token e.g. https://api.sendpulse.com/oauth/access_token
Request Body Type - Define your app request body type from. By default, it is JSON.
Add Headers - Add Headers if your app requires a header to pass in an API request.
Send Params - Send Params if app auth requires to pass the query or URL parameters e.g. subdomain.
Received Parameters - Specify received parameters if the app requires to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
Token Key Name (Received) - Specify a token key name that you want to receive from access token JSON for further use in API requests e.g. access_token.
Token Key Name (Send) - Specify a token key name that you want to send for further use in API requests e.g. access_token.
Client Authentication - Specify any one of the following client authentications that your app auth requires.
- Send token in the header
- Send token in the body
Request Body (Raw JSON) - Specify raw JSON in the request body if the access token URL requires passing the raw JSON data.
App connection will look like this -
- OAuth 2.0
Redirect URL - Add this Redirect URL ( https://connect.pabbly.com/callback-url ) where you have registered your developer app.
Authorize URL - Specify your app Authorize URL to retrieve the authorization code e.g. https://www.facebook.com/v10.0/dialog/oauth
Token URL - Specify your app Token URL to exchange the authorization code for an access token e.g. https://graph.facebook.com/v10.0/oauth/access_token
Refresh Token URL - The Refresh Token URL is used to exchange the refresh token for an access token. If it is empty, the access token URL will be used instead. e.g.
https://graph.facebook.com/v10.0/oauth/access_token
Client ID - Specify your app Client ID e.g. 868906131
Client Secret - Specify your app's Client Secret e.g. 213017befaedd
Scope - Specify your app scope/permission. You can pass multiple scopes separated either by comma or space as per app requirement e.g. scope1 scope2 scope3 …
Sent Client Secret On Access Token (optional) - Required if your app auth requires Client Secret for requesting an access token.
Sent Client Credentials On Refresh Token (optional) - Required if your app auth requires Client Credentials for a refreshing access token.
Enable User-Agent (optional) - Required if your app auth requires a user agent.
Enable Encryption - Allows you to securely store the Client ID and Client Secret of the app in the Database.
Refresh Access Token on Expiration - By enabling this option, Pabbly Connect will refresh the existing access token just before it expires. Otherwise, the token will be refreshed on every API call.
Client Authentication- Specify a client authentication that your app auth requires.
- Send as basic auth header.
- Send client credentials in the body.
Set App Auth Parameters (optional) - Set app auth parameters if your app auth requires to pass the query or URL parameters e.g. subdomain. Received App Auth Parameters (optional) - Specify if you need to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
- OAuth 2.0 (Authorization Code with PKCE)
PKCE (RFC 7636) is an extension to the OAuth2.0 Grant Type : Authorization Code flow to prevent CSRF and authorization code injection attacks.
PKCE was originally designed to protect the authorization code flow in mobile apps, but its ability to prevent authorization code injection makes it useful for every type of OAuth client, even web apps that use a client secret.
Redirect URL - Add this Redirect URL ( https://connect.pabbly.com/callback-url ) where you have registered your developer app.
Authorize URL - Specify your app Authorize URL to retrieve the authorization code e.g. https://www.facebook.com/v10.0/dialog/oauth
Token URL - Specify your app Token URL to exchange the authorization code for an access token e.g. https://graph.facebook.com/v10.0/oauth/access_token
Client ID - Specify your app Client ID e.g. 868906131
Client Secret - Specify your app's Client Secret e.g. 213017befaedd
Scope - Specify your app scope/permission. You can pass multiple scopes separated either by comma or space as per app requirement e.g. scope1 scope2 scope3 …Code verifier - A cryptographically random string used to correlate the authorization request to the token request. The code verifier is a cryptographically random string using the characters A-Z, a-z, 0-9, and the punctuation characters -._~ (hyphen, period, underscore, and tilde), between 43 and 128 characters long generated internally in Pabbly Connect.
Code challenge - Once Pabbly Connect has generated the code verifier, it uses that to create the code challenge internally. For devices that can perform a SHA256 hash, the code challenge is a BASE64-URL-encoded string of the SHA256 hash of the code verifier.
Code Challenge Method - Algorithm used to derive code challenge. Generally, applications use SHA-256.
Sent Client Secret On Access Token (optional) - Required if your app auth requires Client Secret for requesting an access token.
Sent Client Credentials On Refresh Token (optional) - Required if your app auth requires Client Credentials for a refreshing access token.
Enable User-Agent (optional) - Required if your app auth requires a user agent.
Client Authentication- Specify a client authentication that your app auth requires.
- Send as basic auth header.
- Send client credentials in the body.
Set App Auth Parameters (optional) - Set app auth parameters if your app auth requires to pass the query or URL parameters e.g. subdomain. Received App Auth Parameters (optional) - Specify if you need to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
If you want to explore more about OAuth and PKCE, check out these helpful resources to get started:
- PKCE Example on the OAuth 2.0 Playground from Okta
- Call API using Authorization Code flow with PKCE from Auth0
Redirect URL - Add this Redirect URL ( https://connect.pabbly.com/redirect_url ) where you have registered your developer app.
Authorize URL - Specify your app Authorize URL to request user authorization e.g. https://api.twitter.com/oauth/authorize.
Request Token URL - Specify your app Request Token URL to obtain an OAuth Request Token to request user authorization e.g. https://api.twitter.com/oauth/request_token.
Access Token URL - Specify your app Access Token URL to exchange the OAuth Request Token for an OAuth Access Token e.g. https://api.twitter.com/oauth/access_token.
Consumer Key - Specify your app Consumer Key e.g. wed4MIeLqzAN
Consumer Secret - Specify your app Consumer Secret e.g. tXSycAAeOVwV
Encode the parameters in the Authorization header - Required if your app auth requires encoded parameters in the Authorization header.
Signature Method - HMAC-SHA1
Set App Auth Parameters - Specify if app auth requires to pass the query or URL parameters e.g. subdomain.
Received App Auth Parameters - Specify if you need to catch the parameters from access token JSON to use further in API requests e.g. api_domain.
9. CURL HTTP Version (optional)
Specify a CURL HTTP Version that your app supports.
Watch the below tutorial for configuring the app and its authentication method. Learn more
Attachments
Last edited by a moderator: