OAuth2 authentication
- Send emails and connect to email servers such as Microsoft Outlook and Gmail, or when working with email service providers that no longer support basic authentication.
- Connect to third-party web servers.
To set up this authentication, you must first create an OAuth2 configuration in the application before using it in a connection. This configuration is accessible by both IPA and Landmark. You can configure OAuth2 authentication through Process Server Administration for IPA and through Administration Console for Landmark.
See Creating OAuth2 configuration.
These are the grant types that you can use when configuring OAuth2 authentication:
| Type | Description |
|---|---|
| Client credentials |
This grant type is used for service-to-service authentication. The client is registered on the server to get a client ID and client secret, which are used to request an access token. The access token is requested from the token URL of the server and is only active for a limited time. |
| Authorization code |
This grant type is used when a user needs to authorize a client’s access. As a user, you must run a GET call in a browser to receive an authorization code. The client then uses this code to request an access token from the server’s token URL. The access token is only active for a limited time, but you can also use a refresh token to get a new access token without requiring to go through the authorization code retrieval process again. |
| IonApi | This grant type is used for Infor ION API integration, which streamlines the authentication between Landmark applications and other Infor or third-party systems through the ION API Gateway. When you select this grant type, you must first create a backend service in the ION API Gateway and download the ionapi file which contains all required OAuth configuration details to automatically establish secure connections to ION APIs. |