Go to All Forums

Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Site24x7 offers a comprehensive set of documented REST APIs for your monitoring and reporting needs. To provide a more secured access to your resources, we are migrating to OAuth 2.0 protocol from authtokens for authorizing the APIs.

Why move to OAuth 2.0?

  • Access restrictions can be placed. You can decide the kind of access third party apps/scripts require for its functioning.
  • APIs can be segregated based on scopes. You can select the scopes based on your usage/requirement, and not all the APIs need to be exposed.
  • Provides a delegated access token that has an expiry time (one hour), unlike authtokens that have permanent validity.

Getting Started with OAuth 2.0:

The OAuth token can be created in 3 steps:

  • Registering your Client Application
  • Generating the Grant Token
  • Generating the Access and Refresh Tokens using the Grant Token

When making an API call, the OAuth token is passed in the Authorization header as Zoho-oauthtoken {access_token}, similar to the authtoken (Zoho-authtoken {auth_token}).

Refer our API documentation to get started!

Deprecation of Authtokens:

Creation of new authtokens will be deprecated by 31st August, 2019 and the existing ones will be deprecated by 30th November, 2019. Please update your existing code/script and migrate to OAuth 2.0 within the mentioned period.

 

Happy Monitoring!

Like (18) Reply
Replies (20)

Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

A gentle reminder to migrate to OAuth 2.0. You cannot create new authtokens (deprecated on 31st August, 2019) and the existing ones will be deprecated by 30th November, 2019.

Like (0) Reply

Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Hi,

Please find attached sample implementations (Python & PowerShell scripts) using OAuth 2.0 tokens. Read this article to know more on configuring Postman authorization for Site24x7 APIs.

For any questions, please comment in the below thread.

 

Regards

Mathangi

Attachments
Like (0) Reply

Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Just as an FYI, there is a bug with the Python script. While refreshing the access token using the refresh token, the refresh token will not be re-saved to the json.

In its current state the script can only generate the access token and the refresh it just one time.

Just adding one line to the refreshAccessToken() method fixed it for me.

Like (0) Reply

Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Hi,

Thanks for pointing it out. Please find attached the corrected Python script. Have re-uploaded the Python file in my previous comment as well.

Hope this helps. Let us know for further queries, if any. 

 

Regards

Mathangi 

Attachments
Like (0) Reply

Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

by John

Hello, you wouldn't have an example written in java would you?  Thanks.

Like (0) Reply

Re: Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Hi,

Thanks for raising this. We are working on this. Will post an update here once the file is ready.

 

Regards

Mathangi

Like (0) Reply

Re: Re: Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

by John

thanks, and sorry i should have said javascript not java... appreciate it.

Like (1) Reply

Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Hello, 

We have released another sample implementation in Golang. Please find the script attached in this post.

Note: go1.12 is the minimum version required to run this program. 

For any questions, please comment in the below thread.

 

Regards

Mathangi

Attachments
Like (0) Reply

Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

We have been testing with the Powershell script you provided.  We were successful in calling the Get-AccessToken and Sample-GetRequest functions many times. 

But the issue we are running into is we intermittently receive an error that states:
Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send.
.......
WARNING: access_token is missing

We are calling the Sample-GetRequest once every 10 minutes and it will eventually execute successful after a few retries.

Any guidance is welcome

 

Like (0) Reply

Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

We are also getting similar issue, message we get is "Unable to connect to the remote server". I even tried putting sleep command but still the same, seems to be intermittent.

Like (0) Reply

Re: Re: Re: Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Hi,

Please find attached the sample implementation in Javascript.

Note: Make sure Node.js and the request library is installed to run this file.

 

Hope this helps. For any questions, please comment in the below thread.

 

Regards

Mathangi

Attachments
Site24x7OAuth.zip
Size: 2.28 KB
Like (0) Reply

Re: Re: Re: Re: Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Mathangi,

Can you update the Powershell file as well?  We can't use node.js in our environment.

Thanks

Like (0) Reply

Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Hi Walter,

Sure, our development team is working on it. Will post an update at the earliest.

 

Thanks for understanding.

 

Regards

Mathangi

Like (0) Reply

Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Any update on this? Its been 4 days and I'm still getting constant failures when calling the api to generate access token from refresh token potion thats in the powershell stanza.

Like (0) Reply

Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

We added loop when using the invoke-request to get API data, we still see timeouts in the logs but the loop will keep trying until successful. Seems to be problem on Site 24x7 API servers

$GetAPM = $null
Do
{$GetAPM = Invoke-RestMethod -Uri $APMuri -UseBasicParsing -Method Get -Headers $headers | ConvertTo-Json}
While ($GetAPM.Length -eq 0)

Like (1) Reply

Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

by Si

Hi Mathangi

Thank you for your post.

I have now created an OAuth 2.0 Access Token and built a script in Postman to setup an ad-hoc maintenance window. My intention is to automate this process as part of our build and release pipelines in Azure DevOps so that we can carry out a release to a 24x7 monitored application at anytime without triggering alerts, buy calling the Postman or curl script.

The issue I have is that the Access Token only seems to be valid for a very short time (hours) which would mean I couldn't built this in as a step in our automated release framework without generating a new token every day.

Am I missing something here? Is there a way to grant an Access Token (I'm using the Web Based Client) which would last for a year, for example?

Many thanks in advance.

Like (0) Reply

Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Hi,

Refresh token is a permanent token. You have to use the refresh token to generate new access token after it got expired (in one hour).

Please check "PART 5: GENERATE ACCESS TOKEN FROM REFRESH TOKEN" in API Doc

https://www.site24x7.com/help/api/#authentication

Thillai.

Like (0) Reply

Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

We migrate our scripts to the new method, well this fails all the time, we have cases opened but with no solution, please roll back this until is stable

Like (0) Reply

Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

Is the Token data URL (accounts.zoho.com/oauth/v2/token) same for all data centers?

Please confirm if its the same for Europe.

 

Like (0) Reply

Re: Re: Re: Re: Migrating to OAuth 2.0 for Authenticating the Site24x7 REST APIs

No, the URL changes for each data center. For Europe you have to use https://accounts.zoho.eu/oauth/v2/token

For other data centers, please check API Doc https://www.site24x7.com/help/api/#authentication

Like (0) Reply

Was this post helpful?