OAuth 2.0 is an authorization protocol that provides a secure mechanism for third-party clients or applications to request access to private resources in another system such as Maximizer CRM.
For more information about OAuth 2.0; refer to the OAuth community site: http://oauth.net/2/ When installing a third-party application or integration that integrates with Maximizer; refer to the application’s documentation to see if the application requires OAuth access and for how to configure OAuth access within the application. |
Maximizer CRM supports OAuth 2.0 to allow third-party applications and custom integrations that interact with Maximizer to access your Maximizer data. Maximizer’s OAuth support allows you to authorize third-party applications to access your Maximizer CRM data without having to provide the application with your Maximizer username and password.
To add approved OAuth clients
In order for a third-party application to access your Maximizer CRM data; you must first add the application to the list of approved OAuth 2.0 clients. You can add and remove applications from the list of approved OAuth 2.0 clients in the OAuth 2.0 Settings tab of the System Options page.
When you add an approved OAuth 2.0 client; Maximizer generates a unique Client Id and Client secret that the client application will need in order to request access to your Maximizer CRM data. Refer to the documentation for the client application for information on how to use the Client Id and Client secret in the application.
Do not share the Client Id and Client secret for an approved OAuth 2.0 client with anyone other than the approved client application; as anyone with this information could potentially impersonate the approved client application and gain access to your Maximizer CRM data.
When adding a new OAuth 2.0 client; you must enter a Redirect URI for the client application after authentication succeeds. Refer to the documentation for the client application for the value to enter in this field. |
- In the left pane; under Preferences; select System Options.
- Select the OAuth 2.0 Settings tab.
- Click Add.
- Enter the OAuth 2.0 client application details.
- Enter the Name of the OAuth 2.0 client application that you are approving for access.
- Enter the Redirect URI to which users are redirected after the OAuth request is completed.
- Click Save.
Resetting OAuth client secrets
If you are concerned that the Client secret for an approved OAuth 2.0 application may have been compromised; you can easily generate a new Client secret for the application. Once you have generated a new Client secret for an application; any requests that are received using the old secret will automatically be rejected.
After generating the new Client secret for an approved third-party client application; you will need to update the application to use the new Client secret.
Refer to the documentation for the client application for information on how to use the Client Id and Client secret in the application. |
- In the left pane; under Preferences; select System Options.
- Select the OAuth 2.0 Settings tab.
- Click the name of an approved OAuth client in the list. The details for the OAuth client open.
- Click Reset secret. A new Client secret is generated for the OAuth client.
- Click Save.