I am trying to build an application in RMP that can access multiple Google Apps of different users in my company. Meaning that I need generic access to multiple google accounts. For this purpose Google's API offers the possibility to create a so called Service account, for the purpose of Server-to-Server communication, as described right here: https://developers.google.com/identity/protocols/OAuth2ServiceAccount
To use this I need to generate a Json Web Token (JWT) and sign it with my private key that I get from Google Dev Console. After I have sent the JWT to Google's Oauth2 Authorization Server, I will receive an access token that allows me to access all the Google APIs in the name of my colleagues (If it is allowed by the admin and within a specified scope). Somehow comparable with an SSH connection where my public Key is on the remotely accessed machine.
So is there any posibility to generate this JWT? I mean there is an 2-leged Oauth Scheme option when creating a new Connector/Provider in RMP, but this seems to be for OAuth v1 and not for OAuth v2. And unfortunately its is not possible to put much computional logic in form of a javascript in my RMP process. To create the connector by hand, I need to be able to perform cryptographical operations, which is not possible due to the fact that I cannot access remote js libs without dynamically loading them with <html><script src ="abc.com/abc.js"></script>-tag. Anyways it would be stupid to put the private key as plain text in the webinterface of my process..
Do you guys plan to realize an Oauth v2 2-legged auth scheme? Or is there a workaround to solve this problem? I may have missed a possibility or functionality of RMP.
Sorry but I have to stress that: I DONT want to use the 3-legged Google OAuth v2 Authentication, where Google API is called on the behalf of a specific user. ;)
Thanks in advance and kind regards,
Ingo
thank you very much for your reply. Unfortunately this was not helpful. But in the meantime I found an old thread in Google Groups that discusses exactly my problem:
(see: https://groups.google.com/a/runmyprocess.com/forum/#!msg/supportforum/DfE9yuJtQpc/QqMB526yvdQJ )
It seems that at the moment it is not possible to perform a 2-legged authentication with RMP. There are offered two workarounds:
1. Build a Webapp that creates the JWT and create a custom connector that fetches the token (not realy the high security solution)
2. Use an admin account that has access to all google users, you also need a hardcoded refreshtoken
I hope i did not get that wrong.
Thanks anyways and kind regards,
Ingo