6 Replies Latest reply on Aug 24, 2016 8:46 AM by martypants760

    Client application OAuth

    nicb84137152

      Is it possible to use the OAuth 2 protocol from a client application without any web server. We are currently using a legacy APIKEY, but I am in the processing of updating to the latest version of the API and was thinking this would be a good time to update the authentication as well, however from reading the 'Using OAuth to Access Adobe Document Cloud APIs' document it appears that only the server OAuth 2 workflow is supported and I don't have any type of redirect_url with this client application.

        • 1. Re: Client application OAuth
          SimonATS Adobe Employee

          Contact support when logged in and ask for an integration key.

          • 2. Re: Client application OAuth
            AshleyNarya

            Hi! I'm in the same situation as the user above. Is it possible to use echosign oauth2 without a redirect url? Using something like 2-legged auth, or client_credentials?

            • 3. Re: Client application OAuth
              sdreier Level 3

              Hello - As the SimonATS points out, there is an integration key approach possible. However, we really do recommend using OAuth2.0 authentication as the preferred method. Can you describe why using a redirect_url can not be supported in your integration? Is it the lack of a valid SSL certificate? Or lack of a common web resource to redirect to? I'd like to understand any problems with using OAuth2.0 for eSign. Thanks.

              • 4. Re: Client application OAuth
                AshleyNarya Level 1

                Hi! Thanks for your reply.

                At the moment we are using a facade as a middle application between our main app and echosign. Requests sent to and from our main app go through this facade before for security. We would like to keep all communications in this middle app instead of the main app which is the one accessible to users.

                 

                Are the integration keys you mention the legacy method? We're currently using those and would like to upgrade to OAuth2.0, that's why I asked for client_credentials method. Is it possible to use client_credentials with echosign?

                • 5. Re: Client application OAuth
                  sdreier Level 3

                  The integrationID key is indeed a legacy access method. Our OAuth2.0 support does require the server flow with re-direct. I think you should still be able to accomplish what you want by using the re-direct URL. The URL can be the same as your main login if you want. Or just treat the redirect URL as the authenticated view/page - which it is.

                   

                  We don't offer the (less secure) client credentials method. You can contact me direct at 'sdreier@adobe.com' to discuss further.

                  • 6. Re: Client application OAuth
                    martypants760

                    I am writing an Android app that will use Adobe Sign.  How can I provide a URI callback for an android app?