I'm working on a Custom Connector to connect to the Withings API to retrieve daily weight data from a Withings Wi-fi enabled scale like one of these: https://www.withings.com/uk/en/scales.
The API uses OAuth 2.0 for authentication. I've been experimenting with Postman as well as with building a custom connector for the Power Platform, but I haven't been able to get the latter to work. I have a theory why this might be, and wondered if anyone could tell me whether I'm on the right track.
I can request authorisation for the user, and that part is working fine. However, when an Access Token is requested from the API, it returns it in the following format (see https://developer.withings.com/oauth2/#operation/oauth2-getaccesstoken). The following is returned as the body of the response:
{ "status":0, "body":{ "userid":"107502", "access_token":"0e5c04e42ef1ff10b89343b7eb0d5c0f8ec5514e", "refresh_token":"70543ad031cb1f3b78bfe99706151951cf5cdadb", "scope":"user.metrics", "expires_in":10800, "token_type":"Bearer" } }
According to the RFC for OAuth2, the format of the JSON returned should be just the contents of the "body" object of the JSON above: https://tools.ietf.org/html/rfc6749#section-5.1
Could this be why my Custom Connector isn't working properly?
Hi @murshed, well I'm wondering if the fact that the Withings API is returning a response which appears not to strictly conform to the OAUTH2 definition might be the reason that my custom connector isn't working. I wasn't able to find any way of debugging Custom Connectors, so it's hard to know what's actually happening "under the hood" when things don't work.
Anyway, I've worked around the problem by using a Power App and a couple of Flows to handle the OAUTH2 functionality, along with the quirks of this particular API. Luckily I don't need multi-user access for this particular application.
Thanks for your help.
Hi @Interlock
It sounds like your custom connector is handling the authentication request. Can you please explain a little bit more? Ideally, you would define the authentication for the custom connector and flow takes care of the authentication based on the definition. The decoupling has a lot benefits - a connector can work for multiple users in a more secure way.
If this reply answers your question or solves your issue, please ACCEPT AS SOLUTION ☑️. If you find this reply helpful, please consider giving it a LIKE 👍.