Skip to main content

Advanced OAuth configuration

For some APIs, their implementation of OAuth wasn't very standard...

You can use these advanced parameters to customize the way Meta API will interact with these APIs.

Custom the Refresh Token

Inside the securityScheme, you can add the X-Refresh-Settings object to custom some properties for refreshing the access token

"X-Refresh-Settings": {
    "Content-Type": "application/x-www-form-urlencoded",
    "defaultExpireSec": 8600
},

Available properties:

  • Content-Type: change the Content-Type send with the request. If the Content-Type is set to application/x-www-form-urlencoded, then a form will be sent automatically
  • defaultExpireSec: set or change the default expiration time of the refresh token if not given by the API

Here is an example of Quickbooks API :

"securitySchemes": {
    "oauth2": {
        "type": "oauth2",
        "flows": {
            "authorizationCode": {
                "authorizationUrl": "https://appcenter.intuit.com/connect/oauth2",
                "tokenUrl": "https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer",
                "refreshUrl": "https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer",
                "X-Refresh-Settings": {
                    "Content-Type": "application/x-www-form-urlencoded"
                },
                "scopes": {
                    "openid": "OpenID",
                    "email": "email",
                    "profile": "profile",
                    "address": "address",
                    "phone": "phone",
                    "com.intuit.quickbooks.accounting": "Accounting"
                }
            }
        }
    }
}

Custom the Access Token

"X-OAuth-Settings": {
    "headerName": "OAuth-Token",
    "tokenFormat": "$TOKEN"
}

Available properties:

  • headerName: change header name for sending the access token. By default, it's Authorization.
  • tokenFormat: change the token format. You must write $TOKEN inside the string and this will be replaced by the real token. Ex: JWT $TOKEN.

Here is an example with SugarCRM API:

"securitySchemes": {
    "OAuth2": {
        "type": "oauth2",
        "flows": {
            "password": {
                "tokenUrl": "https://exaprint.platform.inetprocess.com/rest/v11/oauth2/token",
                "scopes": {},
                "refreshUrl": "https://exaprint.platform.inetprocess.com/rest/v11/oauth2/token",
                "X-OAuth-Settings": {
                    "headerName": "OAuth-Token",
                    "tokenFormat": "$TOKEN"
                }
            }
        }
    }
}