jsanders

Proper cURL options to get an access token from RingCentral

Discussion created by jsanders on Nov 22, 2018
Latest reply on Dec 3, 2018 by Jason Wood

-Get a (free) ringcentral developer account.

-Create/Register an "app" from your dev account panel.  Set it up so you can use "Password Flow" Authentication

-In Filemaker use the  "Insert from URL" scrip step with the following prameters:

 

Specify URL: "https://platform.devtest.ringcentral.com/restapi/oauth/token

Check "Automatically encode URL" I don't know why.

 

Target: $yourTokenHoldingVariable

Success means that this variable will populated by by the API with a JSON object containing Access and Refresh tokens.. both of which are subjects for a different day.

 

cURL Options: <--------where the magic happens and where I died many times on the hill of disappointment

 

Here is what you are trying to create (less the carriage returns I added here fror easy reading):

 

-X POST

-H "Accept: application/json"

-H "Content-Type: application/x-www-form-urlencoded"

-H "Authorization: Basic  [Base64Encoded<appKeyorID>:<appSecret>]"

-d "username=<username>&password=<password>&extension=<extension>&grant_type=password"

-D $dump

 

 

Here is the code (again with some returns for easy reading):

 

"-X POST" &

" -H \"Accept: application/json\"" &

" -H \"Content-Type: application/x-www-form-urlencoded\"" &

" -H \"Authorization: Basic "& Base64EncodeRFC (4648;API::Client ID &":"& API::secret ) & "\"" &

" -d grant_type=password&username=*********&extension=101&password=************" &

" -D $dump"

 

 

Here are results from the calculation engine with some carriage returns here for ease of reading:

 

-X POST

-H "Accept: application/json"

-H "Content-Type: application/x-www-form-urlencoded"

-H "Authorization: Basic EkjfiKkfjikjcksidfjskeiowcolonappfsdfdfKFAKETRUNCIATEDFORTHISPOST=="

-d grant_type=password&username=15834234193&extension=101&password=notReallyMyPassword

-D $dump

 

 

Further breakdown... someone who *actually* knows what they are doing: Chime in!

 

 

-X POST

 

We are posting here... let the API know.

 

 

-H "Accept: application/json"

 

Header telling the api we are expecting (Accepting?) JSON in return.

 

 

-H "Content-Type: application/x-www-form-urlencoded"

 

Uh... some HTTP / cURL stuff.  I think this is telling the API that we are passing data in a URLencoded form.

 

 

-H "Authorization: Basic EkjfiKkfjikjcksidfjskeiowcolonappfsdfdfKFAKETRUNCIATEDFORTHISPOST=="

 

"Basic" "Authorization" Header. Here we are Authorizing or Authenticating our APPLICATION. To build that big random looking string of characters: You need to Base64Encode, the concatenation of, your Client ID, a : (colon), AND your Application Secret. Read the previous sentence again... slowly.  This concatenated, encoded string is your Application Key.

 

If you store your Client ID and Secret in fields, this function should work:

 

Base64EncodeRFC (4648;API::AppKeyOrClient ID &":"& API::secret )

 

 

 

 

-d grant_type=password&username=1585643673&extension=101&password=NotReallyMyPassword

 

Here we are Authenticating the USER of the Application.  The user name is the users phone number or email address.

 

-d means "here is a payload of data"

 

 

-D $ourDumpVariable

 

This is not required by the API but is helpful to us for troubleshooting. -D in cURL means "dump" (send back to us?) the entire response... success or failure.  and $ourDumpVariable is a filemaker variable conjured by the cURL options of this Insert from URL script step.  This is a critical tool for figuring out WTF when wrong.

Outcomes