OAuth Using Mobile Framework (i.e. Alamofire)

I am going to be developing a native iOS application that will use InfusionSoft. Is there a way to authenticate a user natively? I’m not sure about the redirect_uri either, I want to avoid use a WebView inside my application. I was trying to test OAuth using Postman on my Mac but couldn’t get the Request Permission step to work either.

Using postman you will need to use the client version (not the web version). If you are using oauth for IS on mobile apps, then it is likely that you will need to run a proxy service to manage tokens on a backend. The authentication only has to happen once and then refresh is maintained by you but it does have to initially happen. There is no way to otherwise know what app the user has authorized as many apps can be registered under any given single user’s login.

I am attempting to use SFSafariViewController with a custom callback URL scheme. I got a “Server Error” response though after I authorize the app.

Not sure what location you’re using for call back but it has to be something that has code to respond otherwise it will not succeed. I’ve had other reasons for server errors that involved the code failing due to php version differences and the like as well.

In iOS you can launch an SFSafariViewController which is an embedded Safari browser window, you can then create a custom URL scheme so that your redirect_uri is essentially your app, that response is then captured when it returns to the app from the browser. This works for many other OAuth platforms, InfusionSoft is not very mobile friendly.

It’s really two separate subjects. What you’re capturing with the mobile app is the authorization token but you have not yet gotten the access and refresh tokens (which is what the auth token allows you to do) and that is the responding code I’m referring to. IS has to use OAuth this way to enable application based authentication since a single login credential may have many apps on it so the process is used as it is to facilitate that. If you want to manage oauth that way, then your instance must be able to request the access token after receiving the auth token and then to keep it live it will have to use the refresh token to get a new access/refresh token set every 24 hours.

I can’t get it to return me the authorization token, that is the step where I’m getting the Server Error returned. Does the authorization token expire? When the refresh token is expired do I then have to have the user log back in and re-authorize the app? I’m trying to create an experience that the user doesn’t have to do that without having a separate server piece to manage refreshing the token. Requesting the access and refresh token once I get the auth token is the easy step once I can figure out why I am getting a Server Error returned to me when requesting the authorization token.

Yes, auth token expires after 24 hours and refresh token expires after 90 days. You would need a proxy service setup to maintain that one way or another if you don’t want the app user to have to re-authorize every 24 hours. So the call back url is so IS can send the authorization token to a script that then uses that to get the access and refresh tokens. Then the tokens are refreshed every 24 hours and the new ones stored…and so on and so forth.

I have gotten everything working in Swift on iOS, I may make my work for this into an open source project at some point.

1 Like

@Jason_Ash Hmm… in order to do a good job helping you, I think we’ll need to know what URLs you’re hitting, in what order, and what their payloads are.

I have it working, I was able to solve my issue. Thanks.