7 Replies Latest reply on Jul 31, 2014 12:32 PM by chris.wilkinson.csa

    Same Add-On's ClienId/SecretKey for multiple networks

    fernando.nardini

      Hello, I'd like to know if it is possible to have the exact same add-on's "ClientId/SecretKey" pair for multiple networks, so I can get oauth access tokens for different users specifying only a different URL for each Jive community (without changing the Clientid or Secret Key).

       

      Thanks!

        • Re: Same Add-On's ClienId/SecretKey for multiple networks
          Robert Hanson

          Hello, I'd like to know if it is possible to have the exact same add-on's "ClientId/SecretKey" pair for multiple networks

           

          By "multiple networks" I assume you mean multiple Jive instances (aka communities).

           

          No, you can't.  These are generated by Jive and can't be changed.

            • Re: Same Add-On's ClienId/SecretKey for multiple networks
              fernando.nardini

              Robert, thanks for your reply. I mean multiple Jive cloud communities, like customer1.jiveon.com and customer2.jiveon.com. Isn't it possible even if I publish the add-on to the Global Registry?

                • Re: Same Add-On's ClienId/SecretKey for multiple networks
                  Robert Hanson

                  > Isn't it possible even if I publish the add-on to the Global Registry?

                   

                  No.  I'm not quite understanding why you need it.  Your app doesn't normally need the client id and secret unless you are also running an external service.  And if this is the case, when your add-on is installed in your community Jive will call your service and provide the client id and secret to you.  You just need to provide a registration URL in the add-on mete data.

                   

                  If you are using the Jive SDK, it already handles all of this for you and records the client id and secret that Jive sends it.  For tiles it goes a step further and also records the security token that your service can use to update the tile data.  Again, this is passed in the registration process.

                   

                  But if you don't have an external service, then you shouldn't need the client id and secret anyway.

                   

                  I guess I'm a little confused about what your situation is, because the client id and secret doesn't do much for you.  I.e. you can't access Jive with it (you need a token for that).

                    • Re: Same Add-On's ClienId/SecretKey for multiple networks
                      fernando.nardini

                      Robert, we are enhancing our current product to integrate with Jive in addition to other social networks. We are implementing a service which will use Jive REST API to access data in each of our customer's Jive community. We are trying to find the easiest to authenticate our service. With other social networks we only need to store Client Id and Secret and we would like to use a similar approach with Jive. What's the easiest way for us to accomplish this?

                        • Re: Same Add-On's ClienId/SecretKey for multiple networks
                          Robert Hanson

                          There isn't just one Jive, there are lots of them, so I expect that Jive doesn't allow this because it would be a security risk if an admin of one Jive instance knew the client ID and secrets used by other Jive instances.

                           

                          I'm also not sure how far you have gotten into this, but Jive doesn't support all of OAuth.  Specifically it doesn't support the "client credentials" grant type.  I don't know if that is a problem for you.

                           

                          Anyway, no getting around it.  Each Jive community will have a different client ID and secret generated when the add-on is installed.

                          1 person found this helpful
                  • Re: Same Add-On's ClienId/SecretKey for multiple networks

                    Hi!

                     

                    Actually, Robert Hanson, this is not quite correct. It is possible to set a client id and secret in an add-on, that will be consistent across all Jive instances the add-on is deployed on.

                    This is what the Jive iOS and Android apps are doing. You'll notice those add-ons are not showing the "Show client ID and secret" action in the add-on config dialog.

                    Also, they are using OAuth for authentication (using the Resource Owner Password grant, which allows you to use client credentials to authenticate).

                     

                    Fernando Nardini I got some information on this from Jive earlier this week (we need this functionality for our Windows Phone and Lotus Notes apps for Jive) and will keep you posted on whether this actually works for 3rd party add-ons or is internal to Jive.

                    1 person found this helpful