Hello!
The two terms are similar but have different meanings and purposes in the OAuth2.0 authorization process. Let me briefly explain.
Step 1
The Custom Connector sends an HTTP request to the Authorization URL you provide in the UI. This request carries your provided ‘Client ID’ and ‘Client Secret’ and uses these to authenticate with ShareFile.
Step 2
ShareFile accepts the credentials and issues your Custom Connector with an authorization code as proof of the authentication, but it needs to know where to send this information…
Step 3
ShareFile redirects to the ‘Redirect URL’ which is usually something like ‘global.azure-apim.net’ and carries the authorization code a query parameter (usually called ‘code’).
Step 4
Custom Connector exchanges this authorization code with the ‘Token URL’ and swaps the code for a token. This is the token the Custom Connector will include in every HTTP request you send to the ShareFile API in order to fully authenticate itself.
Step 5
The token does not last forever (usually 30 mins but it varies). When the token expires you will need to get a new one. This is where the Custom Connector uses the ‘Refresh URL’ you provide. Instead of starting all over again from step 1 it skips to step 4 and exchanges your previous authorization code for a new token.
Answer
In summary, no you do not want to use the same value for both fields. If the ShareFile API does not provide a ‘Refresh URL’ just reuse the ‘Token URL’ for both fields.
An API might have a single ‘Token URL’ endpoint but routing and logic within that to process refresh requests and initial token requests separately, or they may have no separate refresh logic at all.
’Redirect URI’ is a value the Power Apps will autogenerate once you complete all other fields and save your custom connector for the first time.
Useful source: https://www.oauth.com/oauth2-servers/server-side-apps/example-flow/
Please accept this solution if it helped
