Creating and Managing Connectors
Connectors are grants by an account owner to authorize the ThingWorx Flow server access to capabilities of a third-party service or utility. They allow actions and triggers to access data from external systems.
Each connector is owned by the user who creates it. By default, only the creator can view, use, edit, or delete connectors. The Administrator user and any member of the Administrator group cannot view, use, edit, or delete any private connector created by another user. However, if a user shares a connector, then any ThingWorx Flow user can use the connector. However, other ThingWorx Flow users cannot view, edit, or delete the connector.
There is no limit to the number of connectors that you can create for a service.
Connector names must be unique across all services, regardless the connector type.
Connector Types
Connector types define the way ThingWorx Flow connects to third-party services or utilities. While developers can define any connector type, the following list provides the commonly supported connector types by ThingWorx Flow:
◦ None—Anonymous access.
◦ Basic—Account credentials, in the form of user ID and password.
◦ Token—Access token of a particular account.
◦ Application key—Application key of a particular account.
◦ One-Way SSL and Two-Way SSL—Shared SSL certificates between the third-party service and the ThingWorx server is used for authentication.
◦ OAuth—Open Authorization (OAuth) authentication and authorization standard is used for authentication. ThingWorx Flow supports the following OAuth connector types:
▪ OAuth (Named User)
▪ OAuth (Session User)
The following table provides the key differences in an OAuth connector for Named Users and Session Users:
|
OAuth (Named User)
|
OAuth (Session User)
|
|---|---|
|
Create an OAuth (Named User) connector to execute any actions that are associated with this connector with the provided set of account credentials only.
To enable other users to execute workflows with the same credentials that the workflow is created, do the following:
1. Create an Create an OAuth (Named User) connector.
2. Share this connector.
|
Create an OAuth (Session User) connector to allow other users to execute any actions that are associated with this connector with their account credentials. To enable this, do the following:
1. Create an OAuth (Session User) connector.
2. Share this connector.
Any ThingWorx Flow user that logs in to the system must provide their own set of credentials and grant access to each third-party service or utility that uses the OAuth (Session User) connector.
|
|
Sharing this connector allows other ThingWorx Flow users to execute any workflow that is associated with this connector.
If you do not share this connector, other users cannot use it to execute workflows with this connector.
|
Sharing this connector allows other ThingWorx Flow users to execute workflows using their account credentials.
If you do not share this connector, it works like an OAuth (Named User) connector.
|
|
You can use the OAuth (Named User) connector in any action in a trigger-initiated or user-initiated workflow.
|
You can use the OAuth (Session User) connector in any workflow that is initiated by a user. However, you cannot use the OAuth (Session User) connector in any action in a trigger-initiated workflow.
|
|
You can create and edit polling triggers and webhook triggers using the OAuth (Named User) connector.
|
You can create and edit webhook triggers using the OAuth (Session User) connector. However, you cannot create polling triggers using the OAuth (Session User) connector.
|
 |
When you are using the session user type for your connector, and your access token and refresh token expires, log in again and you will be redirected to your connector's OAuth page. On the connector OAuth page, provide your credentials for that specific connector and click Allow. You will be redirected to ThingWorx, and your connectors will receive new tokens for all the connectors configured using the session user type for that particular OAuth. Consider the following conditions:
• If your OAuth provider has the refresh_expires_in or refresh_token_expires_in value, it will check if the access token and refresh token have expired. ThingWorx Flow will add your connector in pending grant access. On the next login, you will get the grant access page, where you need to provide the credentials and grant access again.
• If your OAuth provider does not have the values for refresh_expires_in or refresh_token_expires_in, then it will consider your refresh token not expired. The same refresh token can be used to create a new access token, so it will not get added to the pending access grant.
• If your connector is still invalid, then edit the connector and test again.
|