AnsweredAssumed Answered

How can one call an API with OAuth 1.0 - Authenticated Requests ?

Question asked by bogdan_topor713970 Employee on Feb 6, 2017

Hi everyone, I'm trying to connect to the Martjack (e-commerce platform) APIs using the Boomi HTTP Client. They are exposing their REST APIs with OAuth 1.0. According to the User Guide, "Dell Boomi AtomSphere supports OAuth authorization for versions 1.0 and 1.0a for both on-premise and cloud integrations", but in this case they are only providing the Consumer Key and Secret, but neither of the Request Token URL, Access Token URL or Authorization URL.


Checking their sample client code, they generate a signature based on the keys and uri and pass that in the header of the request along with a timestamp and other details... so no token requested in this case. According to RFC5849, the OAuth 1.0 protocol enables also "Authenticated Requests" which seem to match their implementation, using a signature very similar to the Password Digest, in contrast with the "Redirection-Based Authorization" which can be configured for the HTTP Client connection in Boomi. 


Does the Boomi HTTP Client connector actually support this type of authentication? If so, how should it be configured for sending "Authenticated Requests"?