Category

Pick a topic

RingCentral Announces 3-legged Authorization to Simplify Login Integrations

Ring Central Blog

Share

URL copied
1 min read

Authorization to gain access to company data is a requirement of every integration and RingCentral is making this easier and more secure by extending its OAuth 2.0 support to include 3-legged OAuth. 3-legged OAuth enables developers to use RingCentral’s servers for user login and password reset in an industry standard way. This also allows developers to transparently support enterprise customers that use third-party providers for single sign-on (SSO), such as PingFederate, Okta, and others.

The benefits of using 3-legged OAuth authorization include providing a consistent RingCentral login to users and additional security that will be appreciated by enterprise customers, while reducing the amount of code that needs to be written to perform integration with RingCentral services.

For developers, implementing 3-legged OAuth is comprised of three simple steps:

  1. Establishing a redirect URI to configure for the app on the Developer Portal
  2. Opening a browser window to the RingCentral authorization URI embedding the redirect URI
  3. Adding code to the redirect URI page to exchange the authorization code for an access token

When using 3-legged OAuth, the user is presented with the RingCentral login and authorization pages, they will see the following pages:

RingCentral 3-legged OAuth This process is documented in the RingCentral OAuth Developer Guide and Developer Tutorial as well as implemented in the RingCentral JavaScript SDK. Here is a quick example from the Developer Tutorial.

Use the following link to open a window to the RingCentral authorization service:

// Get user authorization URL
var myRedirectUri = 'https://example.com/oauth';
var authorizeUrl = rcsdk.getPlatform().getAuthURL({
redirectUri: myRedirectUri
});
// Open window for authorizeUrl

In your redirect URL, retrieve the code form the query string and exchange it for an access token as follows:

// Get query string
var qs = rcsdk.getPlatform().parseAuthRedirectUrl(window.location.href);
var myRedirectUri = 'https://example.com/oauth';
qs.redirectUri = myRedirectUri;

if (‘code’ in qs) {
var res = rcsdk.getPlatform().authorize(qs)
.then(function(response) {
// process response and close window (if popup)
window.open(”, ‘_self’, ”);
window.close();
}).catch(function(e) {
console.log(“Error: Authorization”)
});
} else {
console.log(“Error: No Code”)
}

If you have questions on this service, please contact us at devsupport@ringcentral.com or reach us on the Developer Community at https://devcommunity.ringcentral.com.

Originally published Oct 11, 2015, updated Aug 11, 2020

Up next

Business leadership, Communication and collaboration, IT leadership

RingCentral Launches Call Recording APIs to Expand Data Offerings

RingCentral is excited to announce availability of its call recording streaming APIs. Call recordings are an integral part of every voice communications service and are already available from RingCentral’s mobile, desktop and web applications. This new capability extends the availability of call recordings for retrieval and streaming playback via the API to enable rich integrations ...

Share

URL copied

Related content

Business leadership, Customer stories

RingCentral Helps Peifer Security Solutions Achieve Two Mission-Critical Company Goals

Communication and collaboration, IT leadership

Office Costs Too High? Turn to Internet Fax for Savings

Business leadership, Communication and collaboration, IT leadership, Productivity

Top 5 iPhone Apps for Business Productivity

Before you go...
Get our very best content for free and start working better from anywhere
You’re in! Thanks for signing up. Keep an eye out for our emails in your inbox.
Get the Remote Work Playbook
Everything you need to know in one place
Get the 2021 State of Hybrid Work Report
Learn how businesses are managing a partially remote workforce
You’re in! Thanks for signing up. Enjoy your copy of the Remote Work Playbook.