SECRETS

A secret facilitates an Bearer token authentication method (i.e. OAuth2) that is consumed in builtin web-hooks and with application connectors such as Salesforce.

While Secrets for application connectors are created automatically, secrets for Web-hooks are required to be created manually. This is a guide for manually creating and testing your secret integration.

OAuth2 Conventions

With Cellosign Secrets are managed in two standard conventions that are slightly defer in implementation.

• Username/password [General username and password]
• Client ID/Client secret [Microsoft Graph Rest API]

General username and password

Parameter	Value
Type	Select General – username and password
url	Insert URL to post token request
Grant type	Enter the grant type
Scope	insert scope values
User name	Insert username
Password	Insert password

Request example

With the example above this is how the request from Cellosign looks like

{
	"username": "Myusername",
	"password": "Mypassword",
	"grant_type": "password",
	"scope": "('read,write',)"
}

Expected response

Cellosign expects at least two parameters in response:

{
	"expires_in": 300,
	"access_token": "BULvsea4JtiGRiSDSJSI%3DEUifiRBkKG5E2XzMDjRfl76ZC9Ub0wnz4XsNiRVBChTYbJcE3F"
}

• “access_token” that will be used in web hook request header for Authorization
• “expires_in” is a lapse time, in seconds, that the access token can be used before it is expired

Microsoft Graph Rest API

Parameter	Value
Type	Select Microsoft Graph REST API v1.0
url	Insert URL to post token request
Grant type	Enter the grant type
Scope	insert scope values
client_id	Insert client id
client_secret	Insert secret

Request example

{
	"client_id": "8e17edb9-0f05-46cc-8741-a937e351e631",
	"client_secret": "Mysecret",
	"scope": "read,write",
	"grant_type": "password"
}

Expected response

Cellosign expects at least two parameters in response:

{
	"expires_in": 300,
	"access_token": "BULvsea4JtiGRiSDSJSI%3DEUifiRBkKG5E2XzMDjRfl76ZC9Ub0wnz4XsNiRVBChTYbJcE3F"
}

• “access_token” that will be used in web hook request header for Authorization
• “expires_in” is a lapse time, in seconds, that the access token can be used before it is expired

Notes and gotchas

1. Note the difference in SCOPE parameter value between the two methods.
2. Cellosign will use token until the time of expiration provided for token request. When token is expired, Cellosign will initiate a request for a new token.