Cloud: OAuth Integration

Listed below are the steps for the Cloud Partner App activation API integration using OAuth authentication.

  1. Cisco Spaces redirects the user query to the Partner site (Partner’s OAuth URL). This includes the client_id, redirect_uri, response_type, and the state query parameters.

  2. After successful user authentication, the Partner site redirects to the Cisco Spaces - Partner Dashboard using the redirect_uri, along with the Authorization Code and state parameter.

  3. While redirecting with the authorization code, the Cisco Spaces - Partner Dashboard invokes the API (<$OAuth Login URL>) running on the Partner site, along with a JSON payload that includes the following parameters:

    • “code”: <Alpha Numeric value Received from Partner Site> For example: C8AB554D6F804B8EB6246D44D3DE4B46

    • “grant_type”: authorization_code

    • “state”: <Alpha Numeric UID> For example: 0855E7EFE7124B538D455F0C5CEF2629

    • “client_id”: <Partner App Client ID>

    • “client_secret”: <Alpha Numeric value>. For example: 31e08c21136c9102cdee

    • “redirect_uri”: https://partners.dnaspaces.io/partner/OAuthValidation

      Note

      For a Live app, the redirect URI will be https://dnaspaces.io/partner/OAuthValidation.

  4. The expected response for step 3 is a JSON object, with the following attributes:

    • “access_token”– <This is a JWT Token, will be used to invoke App Info API>

    • “token_type”– "Bearer"

    • “scope”– <partnerTenantID>

Cisco Spaces uses OAuth 2.0 to facilitate integration with the Partner dashboard to authenticate customers for App activation and uses signed JSON Web Token (JWT) authentication to launch the application. When you login to Cisco Spaces and click on the Partner Apps tile, the Partner App Access Center displays the available apps. When you select an app in Cisco Spaces, the associated app details is displayed. Click on the desired app that you wish to open. On clicking the Activate button, user is redirected to Partner OAuth URL, along with the client_id, redirect_url, response_type, and state query parameters. The partner site must verify the client_id and the redirect_url query parameters and directs the user to the Partner site’s login page. In case of invalid query parameters, a configuration-mismatch error displays.

Note
The OAuth Login URL is configured in the Partner App > App Tile section. Make sure to use the HTTPS protocol.

Partner OAuth URL: <$OAuth Login URL>

Query-Params:

  • “client_id”– <Partner App Client ID>

  • “redirect_uri”– https://partners.dnaspaces.io/partner/OAuthValidation

  • “response_type”– code

  • “state”- <Alpha Numeric UUID> For example: 0855E7EFE7124B538D455F0C5CEF2629

Data Parameter

Description

Allowed values

client_id

The client_id parameter is used for identifying the source of the OAuth request. The partner provides the unique client_Id to Cisco Spaces for validation during OAuth authentication call made by Cisco Spaces.

String

redirect_uri

Redirection from partner site to Cisco Spaces dashboard after the login is successfully completed. The redirect_url is a pre-configured URL, which can be viewed on the Partner dashboard, under the App Tile section. After validation, the Partner Site redirects the user to the redirect_uri, which includes the state and code query parameters. The code value is generated by the partner site.

grant type

response_type

Refers the expected response type after login validation is successful. For Cisco Spaces the expected response type is code.

Numeric value

state

Cisco Spaces passes a UUID, which would be returned when invoking the redirect URL. For example: 0855E7EFE7124B538D432F0C5CEF2629

Alpha-numeric value