Authentication
The integration process for any application with Zoho Analytics begins with authentication, where a user is asked to verify their identity. Configure the authentication and authorization method to be used for verification. Define the authorization scopes to specify the level of access.
Authentication Type
Zoho Analytics currently supports three authentication methods, OAuth1.0, OAuth2.0 and API Key.
OAuth (1.0 & 2.0)
OAuth (Open Authorization) is an open standard that allows third-party applications to access a user's data on another service without exposing the user's login credentials.
- A unique identifier is provided to every client application. This ID is provided by the resource owner. Specify the Client ID given for your application.
- Every client application has a secret code mapped to it. This is done to prevent unauthorized access to the resource. Specify the Client Secret.
- Specify the Redirect URL to which the end user will be redirected, once data access has been authorized. The client application will generate a redirect URL automatically.
API key
An API key is a unique identifier used to authenticate requests made to an application programming interface (API). It allows the app providing the API to track and control how the API is being used.
Authentication Inputs
Authentication Inputs are information received from the user to verify the identity while accessing an application. This can include a Domain name, Username, Password, etc.
- Name: Specify the Labels to be displayed for each input field.
- UI Component (Input Type): Specify the type of data that users are expected to provide during authentication. This can include a text or password.
- Type: Choose any one of the following types based on the property type of the input field.
Authentication Steps (applicable only for OAuth)
Once the user has provided the authentication details, the provided details need to be verified to grant access and fetch the data from the source application. The Client application (Zoho Analytics) sends a token request, including the provided authentication details to the authorization server. This server then validates the provided credentials and responds with an access token. Upon successful verification of the access token, the client application (Zoho Analytics) can fetch data from the source application.
The Authentication Steps section helps configure the necessary details required for initiating the backend authentication process. Provide the following details,
- Step Name: Give a suitable name for the backend process.
- Base URL: A Base URL is the foundational part of a web address (URL) that remains the same across multiple requests or endpoints in a web application. It serves as the starting point for all API calls. Eg:https://api.example.com/
- Method: Choose the Method to be used to receive the token.
- POST: It is used for sending information to the server, such as credentials.
- GET: It is used for retrieving information such as tokens.
- Response Type: Choose the format in which the token should be received from the authentication server. The following are supported response types, JSON, CSV, ZIP of CSV, and ZIP of JSON.
Request Method
The Request Method defines the type of communication to be followed by the client and server. It defines the desired action to be performed on a resource, such as retrieving data, submitting data, or updating information.
Request Method | Explanation |
(Query) Parameter | Query parameters are parameters that are included in the URL of a request. Query parameters are appended to the URL after a question mark (?) and separated by ampersands (&) if there are multiple parameters. For example, in the URL https://api.example.com/users?username=jane_doe&status=active, username and status are query parameters. |
Header Parameter | A header parameter in HTTPS requests is a key-value pair that is sent in the request header to provide information about the request or client. These headers help the server understand the context of the request, handle authentication, or provide metadata. |
URL Encoded Form Data | URL-encoded form data is used primarily in POST requests to send data in the body of the request. It is also encoded in key-value pairs, but it is not part of the URL. |
Response Format
Provide the response format.
- Unique Name: represents the type of response returned by the OAuth server, indicating what kind of data it contains.
- Path: This specifies the endpoint where the response is expected. It identifies the URL that the client should call to get the desired information.
- Field Mapping: This details the specific fields included in the response body, mapping each field to its meaning, data type, and whether it is required or optional. Understanding these fields is essential for clients to know how to use the returned data.
- Look In: This indicates where in the JSON structure the relevant data can be found, guiding developers on how to access the data in the response. This is essential for clients to parse and utilize the data correctly.
Authorization
Authorization scopes are defined permissions that specify the level of access an application can request on behalf of a user in an authorization framework. It is used to limit the actions the application can perform or the data it can access, providing a granular control mechanism over user permissions.
Token Renewal
Token renewal is essential in maintaining continuous and secure access to APIs without repeatedly requiring the user to log in. Select the checkbox Token Renewal Required to enable automatic refresh of the authentication token when it expires.
Test Connection Configuration
The Test Connection Configuration helps verify if the connection you created to your application by using the selected authentication method, works correctly. To authenticate the connection to the application, you must make an API call to any of the application's APIs. You can either use an existing action that you have already configured in the Actions tab or set up a custom action from an API that can be used to test the ping configuration.
- Base URL: Enter the Base URL to be used for verification.
- Choose the Method, Get or Post to be used for sending requests.