I’m having difficulty getting External API auth working with Harvests OAuth2 and was hoping someone could possibly help. It seems there is no debugging available for the auth providers which would be really useful to have (unless I’m missing it?), so as an aside it would be ace to raise that as a feature request.
I’m getting the could not retrieve access token from the provider
error after authorising the app on Harvest; I have no other info available. I have checked and double checked that the provider secret is set and verified the action paths against Harvests OAuth Authentication Documentation. The redirect url is set to https://id.atlassian.com/outboundAuth/finish
as per the Forge External Auth Guide.
My providers and remotes are like so:
providers:
auth:
- key: harvest
name: Harvest
type: oauth2
clientId: <client-id>
remotes:
- harvest-api
bearerMethod: authorization-header
actions:
authorization:
remote: harvest-auth
path: /oauth2/authorize
exchange:
remote: harvest-auth
path: /api/v2/oauth2/token
resolvers:
accessTokenExpires: expires_in
retrieveProfile:
remote: harvest-auth
path: /api/v2/accounts
resolvers:
id: user.id
displayName: user.email
remotes:
- key: harvest-auth
baseUrl: https://id.getharvest.com
- key: harvest-api
baseUrl: https://api.harvestapp.com
As per the Harvest docs, the flow is as follows:
Initiate auth flow:
https://id.getharvest.com/oauth2/authorize?client_id={CLIENT_ID}&response_type=code
Exchange code:
curl -X POST \
-H "User-Agent: MyApp (yourname@example.com)" \
-d "code=$AUTHORIZATION_CODE" \
-d "client_id=$CLIENT_ID" \
-d "client_secret=$CLIENT_SECRET" \
-d "grant_type=authorization_code" \
'https://id.getharvest.com/api/v2/oauth2/token'
Exchange response:
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}",
"token_type": "bearer",
"expires_in": 1209600
}
I’m stuck on this and would appreciate any help.