
ORCID OAuth Dance with google playground


The ORCID Member API uses OAuth 2.0 to manage its authentication. This document describes how to use Google Developers’ OAuth 2.0 Playground to explore OAuth for the ORCID environment.


Using OAuth 2.0 Playground
How to set up OAuth 2.0 Playground to work with the ORCID’s OAuth and APIs

Table of Contents
  Introduction
  About Google Developers OAuth 2.0 Playground
  STEP A: Create an API Client App for the Developers’ Sandbox
  STEP B: Set up the Playground
    OAuth 2.0 configuration
  STEP C: Use the Playground
    Step 1 – Select & authorize APIs
    Step 2 – Exchange authorization codes for tokens
    Step 3 – Configure request to API

Introduction

The ORCID Member API uses OAuth 2.0 to manage its authentication. This document describes how to use Google Developers’ OAuth 2.0 Playground to explore OAuth for the ORCID environment.

About Google Developers OAuth 2.0 Playground

ORCID does not maintain or develop for the OAuth 2.0 Playground. This tool was created by Google, who exclusively maintains its code. While we will try to maintain this documentation so that it is up-to-date, changes in Google’s platform could make these instructions inaccurate from time to time. Your contributions will help us to maintain this document.

STEP A: Create an API Client App for the Developers’ Sandbox

Before you can make any request you need to create an API client that will give you a consumer KEY and SECRET. If you’ve ever used an API before, you can think of the client as your API KEY. It is required to help identify your application, which may be a web application, a server-side script that does some backend integration, or a piece of JavaScript that pulls information from the Registry.

Please see our knowledge base for more information on this step:

Now that you have a client, you can move on to making some actual requests!

Understanding the ORCID OAuth Dance

STEP B: Set up the Playground

The first thing you will need to do is set up the Playground to work with the ORCID environment. Go to the OAuth 2.0 Playground URL, and click the gear to configure it:

https://developers.google.com/oauthplayground/

OAuth 2.0 configuration

  OAuth flow: Server-side
  OAuth endpoints: custom
  Authorization endpoint:
  Token endpoint:
  token location: Authorization header w/Bearer prefix
  OAuth Client ID: (from your client registration - <client-id>)
  OAuth Client secret: (from your client registration - <client-secret>)

A Shortcut: The following URL has been configured as described above – you will only need to enter your Client ID and secret:

uthCred=unchecked&oauthEndpointSelect=Custom&oauthAuthEndpointValue=http%3A// A// okenType=bearer&autoRefreshToken=unchecked&accessType=offline&forceAprovalPrompt=checked&response_type=code

STEP C: Use the Playground

OBTAIN A TOKEN: You are going to be using the Playground to obtain a token as described in the knowledge base article Tokens Through 3-legged OAuth Authentication (

THE APIs: Once you have a token, you will use it to perform API calls as described in the ORCID API Guide (

Step 1 – Select & authorize APIs

Enter a scope from one described in the knowledge base at: (

you click the Authorize APIs, the user will be requested to log in (or create a new ORCID ID), and then authorize the scope that you have created. For this step, you will find it handy to have (or create during this process) an account on the Developers Sandbox that you will be using as your “researcher” who is “authorizing the scopes”.

Step 2 – Exchange authorization codes for tokens

Once the end user (most likely represented by you logging in in this example) has authorized a specific scope, you will receive an authorization code which you will see displayed in step two. Click “Exchange authorization code for tokens”. This action will create an access token that you will see in the “Request/Response” window to the right of the screen.

The Response:

Note the “access_token” that was provided via OAuth – you will be using this token to configure your request to the API.

Step 3 – Configure request to API

Next you are going to configure and send your request to the API.

NOTE: The screen shot above was taken from a different server. Your request URI should be [REQUEST].

Since the requested scope limits what you will be able to see, you always will be able to use the following URI in the Developers Sandbox: [ORCID_ID]

You will set the HTTP Method, Request URI and Headers as described in the ORCID API Guide (

A special note about the Authorize Header

You will need to add an “authorize” header that will contain your access code preceded by the term “bearer”.

A special note about the Accept Header

You can format the result to be HTML, XML or JSON by setting an “accept” header and setting the value to one of those shown below.

  Format  Accept Header                                Description
  HTML    text/html                                    Redirects to the ORCID web user interface to display the result
  XML     application/orcid+xml OR application/xml     XML conforming to the orcid-message.xsd
  JSON    application/orcid+json OR application/json   JavaScript Object Notation equivalent to the orcid-message.xsd

The Response

In the Request / Response window you will see the resulting content based on the API call. For example:

  GET /0000-0002-9652-3185 HTTP/1.1
  Host:
  Authorize: bearer 5e1b56ed-3388-435a-95e3-08d6e94f73fa
  Content-length: 0
  Authorization: Bearer f8db2f09-d862-4318-84bc-a2ed1cd89648

  HTTP/1.1 200 OK
  Content-length: 1382
  Via: HTTP/1.1 GWA
  Content-location:
  X-google-cache-control: remote-fetch
  Server:Apache-Coyote/1.1
  Date: Wed, 05 Sep 2012 00:26:31 GMT
  Content-type: text/html;charset=UTF-8

  <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  <orcid-message xmlns="">
    <message-version>1.0.3</message-version>
    <orcid-profile type="user">
      <orcid>0000-0002-9652-3185</orcid>
      <orcid-history>
        <creation-method>website</creation-method>
        <completion-date>2012-08-17T18:41:48.816+01:00</completion-date>
        <submission-date>2012-08-17T18:41:44.703+01:00</submission-date>
        <claimed>true</claimed>
      </orcid-history>
      <orcid-bio>
        <personal-details>
          <given-names>Laura</given-names>
          <family-name>Paglione</family-name>
          <credit-name visibility="public">Laura AD Paglione</credit-name>
          <other-names visibility="public"/>
        </personal-details>
        <biography visibility="public"></biography>
        <external-identifiers visibility="public"/>
        <affiliations>
          <affiliation visibility="public">
            <affiliation-name>ORCID</affiliation-name>
            <affiliation-type>current-primary-institution</affiliation-type>
            <role-title>Administrator</role-title>
          </affiliation>
        </affiliations>
      </orcid-bio>
      <orcid-activities/>
    </orcid-profile>
  </orcid-message>

Document Revision History

  Ver  Date         Who             Description
  2.0  28 Sep 2012  Laura Paglione  Refreshed document to reference articles in the new Knowledge Base.
  1.2  11 Sep 2012  Laura Paglione  Fixed the provided “quick start” URL for the Playground. Corrected a typo introduced in version
       10 Sep 2012  Laura Paglione  Updated the URLs in step B for the Token and authorize endpoints. Thanks to William Penney!
  1.0  6 Sep 2012   Laura Paglione  Updated to include the limitation of the OAuth Playground to accommodate new registrations during the Authorize process.
  0.5  4 Sep 2012   Laura Paglione  Initial Draft
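Added example, not part of the original ORCID document: the three Playground steps of STEP C (authorize, exchange the code, call the API) written as the requests a server-side client would build itself, including the RFC 6749 `state` check that ties the callback to the request that started it. The endpoint URLs, redirect URI and function names are placeholders chosen for this example because the page's endpoint values are missing, and sending the client credentials in the POST body is an assumption.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Placeholder endpoints: the page's real endpoint values are missing, so these are assumed.
AUTHORIZE_ENDPOINT = "https://auth.example.invalid/oauth/authorize"
TOKEN_ENDPOINT = "https://auth.example.invalid/oauth/token"
API_BASE = "https://api.example.invalid"
REDIRECT_URI = "https://client.example.invalid/callback"  # hypothetical client callback

def new_state():
    """Unguessable per-request value that ties the callback to this browser session."""
    return secrets.token_urlsafe(32)

def build_authorize_url(client_id, scope, state):
    """Step 1: URL the researcher is sent to in order to log in and grant the scope."""
    return AUTHORIZE_ENDPOINT + "?" + urlencode({
        "client_id": client_id,
        "response_type": "code",  # same value as in the page's shortcut URL
        "scope": scope,
        "redirect_uri": REDIRECT_URI,
        "state": state,  # RFC 6749 anti-CSRF parameter; not shown on the page
    })

def code_from_callback(callback_url, expected_state):
    """Return the authorization code only if the callback echoes our state."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"][0])
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback is not the answer to our request")
    code = params.get("code", [""])[0]
    if not code:
        raise ValueError("callback carries no authorization code")
    return code

def build_token_request(client_id, client_secret, code):
    """Step 2: POST that exchanges the code for an access token (secret stays server-side)."""
    body = urlencode({
        "grant_type": "authorization_code", "code": code,
        "redirect_uri": REDIRECT_URI,
        "client_id": client_id, "client_secret": client_secret,
    })
    return "POST", TOKEN_ENDPOINT, {"Content-Type": "application/x-www-form-urlencoded"}, body

def build_api_request(orcid_id, access_token, accept="application/orcid+xml"):
    """Step 3: GET for one record; the token travels only in the Authorization header."""
    headers = {"Authorization": "Bearer " + access_token, "Accept": accept}
    return "GET", API_BASE + "/" + orcid_id, headers
```

The functions only construct requests and make no network calls; pass their return values to the HTTP client of your choice once the real sandbox endpoints are filled in.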