oAuth 2 + Client Assertion (JWT)

jesse · October 16, 2023, 12:11pm

For one of our customers I need to make a connection with UPS for their 3PL integration.

UPS uses oAuth2 in combination with client assertion / JWT tokens which currently are not supported in Alumio.

More public information can be found here: OAuth 2.0 Client Authentication. This article explains “OAuth 2.0 client… | by Takahiko Kawasaki | Medium

Basically, it comes down to the following steps:

Customer to generate the public certificate & a private key and share public cert in .cer or .crt format with us.
UPS Azure registers the application for Customer using the provided public cert and share the details like the token endpoint URL, ClientId, TenantId, scope and GrantType. These details will be shared with Customer.
Customer, using the details provided and their private key, will need to standup a code to generate the client assertion and generate the token using the assertion, ClientId, TenantId, Scope and GrantType.
Customer to pass the generated token along with the API call for the successful authentication.

Step 3 & 4 should be doen from Alumio.

If needed, I can also share the UPS documentation but please reach out to me privately for that.

Gugi · October 16, 2023, 1:16pm

Hi Jesse,

Thank you for posting your request in the forum.

As you may already know that we don’t support such an authentication method yet. Therefore, we need to pass it on to the team for further discussion about the possibility of the implementation. We will be sure to let you know once we have an update.

Kind regards

jesse · December 21, 2023, 1:20am

Hi Gugi,

It’s been two months since the initial post and we would like to complete this integration. Could you give me a status update?

Gugi · January 5, 2024, 12:31pm

Hi Jesse,

We apologize for the late reply.

We just checked that our colleagues have contacted you regarding the follow-up of your request. Could you please confirm?