Authentication
Implicit flow is used for authentication with AgSync using the server discovery page, client ID, and client secret. A client ID and secret may be obtained by contacting AgSync support.
The following information must be submitted to AgSync Support (apisupport@ravenind.com) prior to obtaining a client ID or secret:
- Client name.
- This is your name as you would like it displayed.
- Client URI.
- Uniform resource identifier (URI) or link to your website.
- This link will be present under your logo on the AgSync Authentication page.
- Logo URI.
- This is a link to your logo. This will be shown on the Slingshot authentication page.
- Flow type.
- Either Implicit, Hybrid, or Authorization Code. See the below documentation for more information.
- Redirect URIs.
- This is a link to the token server. You must be using HTTPS
- These are a list of the allowed locations in which a user will be redirected to after we respond to you with token information. See the OpenID specification for detailed information.
- Refresh token time.
- Default refresh token times are listed below. If this is a problem, let us know and we will work to accommodate your special needs.
- 15 day sliding refresh token time. If the refresh token is not used in 15 days, it is marked as invalid and you will need to retrieve a new token.
- 1 year absolute expiration. A user is required to login within a year to re-authenticate your application.
- Default refresh token times are listed below. If this is a problem, let us know and we will work to accommodate your special needs.
Token Sequence Diagram
Click anywhere to close.
Click image to expand.
URI Locations for OpenID Connect Discovery
Locations for OpenID can be found below: