Preauthenticate Exact Online |
To preauthenticate an Exact Online application, please execute the following steps:
Preparation
Execute the following steps:
•Navigate to the Exact App Center:
•Choose the correct country.
•Log in:
•For the next step, make sure that you have an Exact Online App Center subscription. This is a free subscription that allows you to register your own API keys.
•To register for such an account, go to https://apps.exactonline.com
•Scroll to the bottom and search for "Are you an app developer?", click on "Learn More".
•On the next page, choose 'Step 1: Register', click on the 'Register your app' button.
•On the next page, you'll see a form to register, you can choose "Login" at the bottom of the form.
•Now check for the following: "Manage subscription" should be checked under the Grant rights for the user. You can check that on the Grant rights page for the user: Master data > Overview | Users > User > Rights.
•If you go back to https://apps.exactonline.com, there should be a new option available:
•Choose 'Manage my apps' or 'Register API Keys':
•Choose the app that you wish to preauthenticate a user on.
•Click on 'Show' next to the client secret.
•Take note of the following values as shown below: client ID, client secret and redirect URI.
•When you preauthenticate for use with Exact Online using an Invantive product and when it fits your security policy to use an external provided callback URL, you can use https://exactonlineclientredirect.invantive.com. In fact, most Invantive products support any callback URL since they run without a browser environment.
Exact Online App Authorisation Details
Preauthenticate
Then preauthenticate the application:
•Open Invantive Cloud.
•Choose "Preauthenticate" in the menu.
•Read and fill out the form as shown using the values previously noted:
•When you use a redirect URI different from cloud.invantive.com, remember to check the box "Deviating Redirect URI". If so, an additional form appears labeled "Exchange Code".
•Click on the "Preauthenticate" button.
•Exact Online will now ask you to authenticate yourself:
•On successful authentication, Exact Online will ask you to authenticate access by the application to your Exact Online data with the same privileges as the user:
•Click on "Allow".
•The browser will be redirected to the redirect URI.
•The URL will contain essential information for preauthentication.
•Click in the URL and copy the whole URL to the clipboard:
•Exchange the URL into a OAuth2 refresh token by pasting it in the field "Code Return URL" and press the button "Exchange".
•The resulting page displays the settings for preauthenticating your application:
•The field "Refresh Token" contains the OAuth2 refresh token.
•The field "Content settings.xml" contains an Invantive database definition for storage as a file named settings-<NAME>.xml in %USERPROFILE%\invantive. Confidential information in the connection string is however readable in plain text.