-
Task
-
Resolution: Unresolved
-
L3 - Default
-
None
-
None
-
None
-
Not defined
Even as an Optimize dev it took me a while to figure out how to retrieve the correct token, we should update the docs so they're clearer and easier to follow. The main issues for me where:
- I didnt know what "the authorization server" is (in "send a token issue POST request to the authorization server with the following content:"). Turns out you have to navigate to your API client and copy the oAuth URL for that
- the documented audience is wrong, it says the default is `optimize.camunda.io` but using that I got a 401. I guessed "optimize.ultrawombat.com" and that worked, but I dont see this documented anywhere
- this wasn't an issue for me but I think for users its not clear that you have to do this as a separate step before using the Optimize API, and then use the returned token in the auth header for the Optimize API. Users may assume that the {"client_id": "<client-id>", ....} body is to be sent to the public optimize api
AT:
- authorization docs are easier to follow
This is the controller panel for Smart Panels app
[OPT-7307] Improve Cloud API auth docs
| Description |
Original:
*Context:*
[https://docs.camunda.io/optimize/apis-tools/optimize-api/optimize-api-authorization/#how-to-obtain-the-access-token-for-c8-saas-cloud-usage] Even as an Optimize dev it took me a while to figure out how to retrieve the correct token, we should update the docs so they're clearer and easier to follow. The main issues for me where: - I didnt know what "the authorization server" is (in "send a token issue _POST_ request to the authorization server with the following content:"). Turns out you have to navigate to your API client and copy the oAuth URL for that - the documented audience is wrong, it says the default is `optimize.camunda.io` but using that I got a 401. I guessed "optimize.ultrawombat.com" and that worked, but I dont see this documented anywhere - this wasn't an issue for me but I think for users its not clear that you have to do this as a separate step before using the Optimize API, and then use the returned token in the auth header for the Optimize API. *AT:* * authorization docs are easier to follow |
New:
*Context:*
[https://docs.camunda.io/optimize/apis-tools/optimize-api/optimize-api-authorization/#how-to-obtain-the-access-token-for-c8-saas-cloud-usage] Even as an Optimize dev it took me a while to figure out how to retrieve the correct token, we should update the docs so they're clearer and easier to follow. The main issues for me where: - I didnt know what "the authorization server" is (in "send a token issue _POST_ request to the authorization server with the following content:"). Turns out you have to navigate to your API client and copy the oAuth URL for that - the documented audience is wrong, it says the default is `optimize.camunda.io` but using that I got a 401. I guessed "optimize.ultrawombat.com" and that worked, but I dont see this documented anywhere - this wasn't an issue for me but I think for users its not clear that you have to do this as a separate step before using the Optimize API, and then use the returned token in the auth header for the Optimize API. Users may assume that the \{"client_id": "<client-id>", ....} body is to be sent to the public optimize api *AT:* * authorization docs are easier to follow |