servicely supports external oauth providers for integration with third party systems oauth2 providers providers need to be defined in the systemoauthprovider table field description name the name used to refer to the systemoauthprovider entry clientid the providers client id (supplied by the provider) client secret the oauth shared secret (supplied by the provider) grant type currently only supports ‘authorization code’ authorization url the providers oauth2 authorization code url used for the initial client redirect token url the providers oauth2 token retrieval url used by the servicely instance to request the actual authentication token scopes and addition oauth2 scopes required to be passed to the provider description free text field to make any configuration notes about the provider example system api outbound tokens systemapioutboundtoken records define a specific instance of the usage of a provider, with specific credentials for example, you may have a single google oauth provider, but have access multiple google services, each with different credentials each of those would be modelled as a systemapioutboundtoken field description name the name that will be used to refer to this token from the integration type ‘oauth2’ for an oauth2 token oauth provider the systemoauthprovider configuration to use oauth prompt allows specification of the oauth ‘prompt’ parameter different providers have different requirements for this parameter, and some also may require different options at different times in the lifecycle for example, for microsoft azure, you can initially specify ‘consent’ and authenticate as an administrator to apply and authorize the required permissions to the azure application, and then change to ‘select account’ and re authenticate as an unprivileged user microsoft reference https //learn microsoft com/en us/azure/active directory/develop/v2 oauth2 auth code flow#request an authorization code https //learn microsoft com/en us/azure/active directory/develop/v2 oauth2 auth code flow#request an authorization code active the token can be deactivated by setting this to false state shows the current state of the token expires if the provider returns an expiry time, this field will be set to the token expiry time scopes any oauth scopes to be sent to the provider will override the scopes set on the provider record itself lastmessage if an error occurs when requesting the tokens, this field will be populated with the error message base url new in 1 9 used for informational purposes to highlight what a token is for example to request a new token from the provider, press the ‘get authorization token’ button you should be presented with the providers sign in page example below for a microsoft email authentication setup after authorization, you should be returned to the systemapioutboundtoken form using from the scripting environment to use the systemapioutboundtoken from the scripting environment, simply call the ‘ apitokenauth ' method of any of the outbound http methods the oauth2 signature will be applied, and any expired tokens will automatically be refreshed before the request is made