After the API call, Connections Cloud returns a request token to the following location:
This communication between servers is shown in the following image:
The following required parameters are sent during the process of getting a request token:
Table 1. Required parameters
The OAuth consumer key.
Random string to avoid replay attack. Because Connections Cloud uses only PLAINTEXT signature method over HTTPS, this parameter is not checked for replay attack. However it is important to specify some value.
This parameter specifies a signature algorithm. Connections Cloud supports only PLAINTEXT.
You should sign the request by specifying the signature.+
Set the value as an integer that represents the time the request is sent. The timestamp should be expressed in number of seconds after January 1, 1970 00:00:00 GMT. Because Connections Cloud uses only PLAINTEXT signature method over HTTPS, this parameter is not checked for replay attack. However, it is important to specify some value.
The URL to which the user browser should be redirected at the end of Step 3: Obtain authorization
. This URL is based on the company website. If the value is set to the default value and is not updated for the company, the browser is not redirected back. Instead the OAuth verifier code is displayed in the browser at the end of Step 3: Obtain authorization
The OAuth version used by the requesting web application. The value should be 1.0.
Connections Cloud supports the following ways to send these parameters:
- Authorization header of a GET or POST request. Use Authorization: OAuth.
- Body of a POST request. Make sure that the content type is Content-Type: application/x-www-form-urlencoded.
- URL query parameters in a GET request.
For information about how to sign a request, refer to the http://oauth.net/core/1.0a
" target="external">OAuth 1.0a documentation
Successful responses return response code 200 with the request token and the request token secret, for example:
Bad requests return response code 400 and one of the following parameters:
Unauthorized requests return response code 401 and one of the following parameters:
Parent topic: OAuth 1.0a APIs for web server flow
Previous topic: Step 1: Register your application
Next topic: Step 3: Obtain authorization