Exchange side configuration has been already carried out and i have configured clientid and secret on creation (i've configured tenantid too which is not mandatory but i think it should be).
This puzzles me because in client credentials authorization no login should be asked to the user. In order to figure out where the issue is i would normaly trace the rest call made by creatio to obtain the token i invoke graph api. Sadly i couldn't figure out at all how to do this or if it is even possible.
Do you have any suggestion on how i can debug this scenario or similar ones where i have to check api call made by creatio?
What you're describing will work (having the system start a process every time an email is received in that mailbox or even auto sending emails from that mailbox in the background - all independent of users accessing the system). You just need to add the mailbox first. The credentials is only needed initially add the mailbox. Accessing any mailbox does require credentials, which is what gives the mail server context as to which mailbox is being accessed.
If this is some system mailbox that will be used for automated messages, there still is a user context to get access to the mailbox. What I often do is add that as an admin level user in Creatio. Once added, Creatio will continue to retrieve or send email via that mailbox regardless of whether that admin level user ever logs into Creatio again. The mailbox will be available to use in processes etc.
When you set up OAuth for Office365/Exchange mailboxes, it doesn't mean that no login info is asked of the user. It only means that Office365/Exchange is who asks for the login info of the user, not Creatio. The expected behavior is that a user adds their mailbox, they get redirected to the Exchange/Office365 login to authorize Creatio to use the mailbox, then redirected back to Creatio. If the user is already logged into their mailbox in the browser, they will not be asked to log in again and will only see the screen to authorize Creatio to use the mailbox.
Hi Ryan, thank you for your feedback. I guess i gotta go back to the accademy because i really didn't figure out this mimic. I thought, since we were setting up a client credentials oauth flow, that it was a machine to machine integration. Without the need for a user to input any password (which in my scenario isn't even known). If a user authentication is required to obtain a token that persist in the session i don't see how it would be possible to create automated and unattended processes that receive and sends from this mailbox. Above all what i'm trying to accomplish is to have a business process to start automatically every time a mail is received in the mailbox (independently by the users logged in the system). At this point it's hard for me to understand if it is even possible with out of the box features.
What you're describing will work (having the system start a process every time an email is received in that mailbox or even auto sending emails from that mailbox in the background - all independent of users accessing the system). You just need to add the mailbox first. The credentials is only needed initially add the mailbox. Accessing any mailbox does require credentials, which is what gives the mail server context as to which mailbox is being accessed.
If this is some system mailbox that will be used for automated messages, there still is a user context to get access to the mailbox. What I often do is add that as an admin level user in Creatio. Once added, Creatio will continue to retrieve or send email via that mailbox regardless of whether that admin level user ever logs into Creatio again. The mailbox will be available to use in processes etc.
The behavior seems a bit odd, and I wasn’t able to reproduce it. I recommend trying the following steps:
Add the "Errors of multi deleting" lookup and check the logs from the moment you attempted the deletion. Most likely, there’s a foreign key constraint error in the database. Check which table the record is referencing.
There may be a case where the object was deleted from the system, but a reference to the record remained in the DB. In such a case, you’ll need to either manually delete the related record from the referencing table or nullify the relationship.
Another possible scenario is that the related object was deleted, but the source code generation was not performed. As a result, the system is trying to resolve a link to a deleted object. To analyze this, open the Network tab in Developer Tools before clicking the "View details" button and check if there are any errors in the requests — especially the "GetDependentEntities" request.
In any case, it's best to start with the "Errors of multi deleting" logs and then proceed with analysis based on the result — checking whether the issue lies in a constraint, which object it refers to, whether it still exists, and whether it’s a system object, etc.
Hope this helps!
If these steps don’t help identify the root cause, please contact our support team at support@creatio.com.
I'm trying to deploy de Identity Service to be able to use the external Outh 2.0 authorization and im using the docker deploy option but when i run the container, i got the error "It was not possible to connect to the redis server(s). Error connecting right now."
I also tried to modify the redis connectio string with my value in the ConnectionString.config file of my main creatio application but dosen't work.
I want to know my client secret in creatio studio's system settings, but it is encrypted how can I know what it is to integrate my application with creatio
You cannot decrypt the encrypted field. The data in the secret field is hidden because it contains confidential information for a specific system. You don't need the secret key from system settings to set up OAuth integration. Please follow the instructions provided to resolve the issue: https://academy.creatio.com/docs/8.x/setup-and-administration/on-site-d…
While doing changes in the appsettings.json, and testing it. I got an error "It was not possible to connect to the redis server(s). UnableToConnect on tscore-dev-30:6379/Interactive, Initializing". In that file, "RedisConnection": "tscore-dev-30" is already set by default.
I also tried to update it with the redis connectionstring which was used in the main application but it is giving me an error while setting up the default response in creatio.
While setting up as per the article, there is one required field in the OAuth Setting fields which is "Auth code request URL".
But the API endpoints for which, I have to make use of Web Service OAuth Authentication, is not having settings for Auth code request URL required parameter.
Please guide and help me on this point that how I can set up OAuth Authentication in web service without Auth code request URL.
I have to use Odata of Creatio environment from Postman using OAuth 2.0 authentication. For that, I have followed a Tech hour session of Creatio Trainers.
Thank you! This message is usually returned in case you are not authenticated. Did you use UserName and UserPassword as a ClientId and ClientSecret and used Basic Auth? And also are you passing a form-data grant_type key in the headers and also using the identity service URL as an endpoint to send request?
I am trying to enable OAuth 2.0 authorization for configuration web services on a on-premises Creatio v7.17/MS SQL instance. I followed this article and got stuck at Point #3 (Creating default resource). Has anyone been able to enable OAuth 2.0 successfully?? Pls find below some details reg my use case -
On trying to add a default resource from the Creatio GUI, we get an error. Ref "Error.png". There is no mention of having to change/fix 'IdentityServerClientId' and 'IdentityServerClientSecret' system settings in the Academy article. The article only mentions OAuth2.0 settings. I went ahead and set the same ClientId & ClientSecret in the above two system settings also. The same error continues.
appsettings.json file used to setup IdentityService.
There is a console error which says Ext.JSON.decode is unable to decode the JSON string. However gives no info reg which JSON string it is speaking about. Ref "ConsoleError.png"
Pls find below value of all relevant system settings -
OAuth20IdentityServerUrl & IdentityServerUrl - "http://localhost:90" (This is where IdentityService is hosted)
There are a few possible root causes of the issue and it's hard to tell the exact one only with the information provided and with no access to the instance.
Please contact our support team via an email: support@creatio.com and submit the support request so we could check all the needed details.
I have successfully configured OAuth 2.0 authorization on my localhost. I had the same error as you, to check ClientId and ClientSecret. After checking with Creatio support, the problem was in appsettings.json with Clients part of configuration. I have copied Client block of code from Step 10 of this article into appsettings.json (\"AllowedScopes\": part was missing) and after that successfully Generated default resource. Please try that and let us know if it worked. Thanks.
We are able to integrate.Just need a small change need to give Authorization server Url for OAuth 2.0 integrations http://localhost:5000/ need to go to root dirctory of identityService and run dotnet IdentityService.dll in cmd or terminal
Hi , Can anyone help me in solving the errror while seeting up OAuth Authentication getting error in redirect Url as
The server encountered an error processing the request. The exception message is 'Object reference not set to an instance of an object.'
Here I am attaching the screenshot of configuration of OAuth login Page.
I am getting the exception after allowing permsission and after redirect Url . Should i need to add anything extra in redirect url or how will i get access token based on result of Redirect URL?
