A sample app demonstrating OAuth 2.0 and other features using Core API.
Before getting started, it might be helpful to have a basic understanding of OAuth 2.0 and related concepts. To know more about OAuth 2.0 refer to Core API Documentation. The purpose of this sample app is to perform three basic functions:
- Complete the authorization process and receive tokens for communicating with Core
- Demonstrate how to implement sign in with Core using OpenId scopes
- Call Core Public API resources using access token
- Revoke the tokens
To successfully run this app, you need the following:
- A Core developer account
- An app on Developer Portal and the associated client_id, client_secret and redirect_uri
- Core company
All the configuration of this app is located in web.config. Its values must match exactly with what is listed in the app settings on the Developer Portal. To get started, you need to make the required changes in the web.config appsettings section. You can set the preferences like required endpoint urls, client app credentials and desired scopes for authentication. OAuth 2.0 needs read:core or readwrite:core scopes for consuming Core APIs. Additionally, offline_access scope will provide the refresh token while authenticating the client app. Openid and profile scopes will provide user information like name, family name, email and will not work while connecting with Core.
- Authorization
- Authentication
- Account - Create and Retrieve
We allow the following simple filters on different endpoints:
- fields - To specify only those model properties which you want in the response body
- where - To specify only those records that match the query expression
- orderBy - To specify by which field you want to order the item list
- page - To specify the page number and number of records on each page
Core API allows operators to manipulate individual data items and return a result set. To know more go to Core operators