Skip to main content

OAuth 2.0

Zuora

OAuth 2.0

  1. Last updated
  2. Save as PDF

This feature lets you authenticate callouts using an OAuth 2.0 provider. This article describes how to manage OAuth 2.0 providers. 

This feature is in Limited Availability and is available only to certain customers. We are currently not accepting access to this feature. 

Work with OAuth 2.0

The general workflow for working with OAuth 2.0 in Zuora is as follows:

  1. Add a new OAuth 2.0 provider.
  2. Get and test a token.
  3. Enable the provider for use with Zuora callouts.

Manage OAuth 2.0 providers

In order to implement OAuth 2.0 providers, follow these steps:​

  1. Click the user name at the top right and then navigate to Administration > Manage OAuth 2.0 Providers.
  2. Click new oauth2 provider.
  3. Enter the requested information.
    Field Description

    Name

    		 A meaningful name to specify individual OAuth 2.0 providers. This field is required.

    Grant Type

    		 Only the Client Credentials type is currently allowed. This field is required.

    Client ID

    		 The client id that you got from your OAuth 2.0 provider. This field is required.

    Client Secret

    		 The client secret that you got from your OAuth 2.0 provider. This field is required.

    Access Token EndPoint

    		 The URL used to get the access token for the given Client ID and Client Secret. This field is required.

    Revoke EndPoint

    		 The URL used to revoke the access token. This field is optional.

    Test EndPoint

    		 The URL used to test the access token. This field is optional.

    Scope

    		 The value of the scope parameter is expressed as a list of space or comma-separated, case-sensitive strings. The strings are defined by the authorization server. This field is optional

  4.  Click save.

Enable OAuth 2.0 provider for callouts

  1. Click the user name at the top right.
  2. Click Billing and then click Setup Profiles, Notifications, and Email Templates.
  3. Add a new notification or edit an existing notification.
  4. Select OAuth 2.0 for the Callout Authentication.
  5. Choose an OAuth 2.0 provider from the dropdown list.
  6. Click save.

edit_notification2.png

View OAuth 2.0 provider details

  1. On the Manage OAuth 2.0 Providers page, click the name of the provider that you want to see the details for.
  2. To get a token, click obtain token.
  3. To refresh your token, click refresh token.
  4. After you have a token, you can test the token by clicking test token if the test token URL is provided.
  5. To revoke a token, click revoke token if the revoke token URL is provided.

provider_details2.png

Delete an OAuth 2.0 provider

On the Manage OAuth 2.0 Providers page, click Del on the same line as the provider that you want to delete. Note that you cannot delete an OAuth 2.0 provider that is being used by any Zuora callout notifications.