Log in to a database session using an OAuth identity provider
To log in to a hosted database using an OAuth identity provider, use an HTTP POST method with the sessions
API endpoint specifying the database. Use the X-FM-Data-OAuth-Request-Id string and X-FM-Data-OAuth-Identifier string in the header to authenticate access to the hosted database. If the authentication is accepted, your code receives an access token that defines your connection to the database. This connection is called a database session.
HTTP method |
POST |
URL |
/fmi/data/version/databases/database-name/sessions version – the FileMaker Data API version requested can use database-name – the name of the hosted database |
HTTP header |
Content-Type: application/json X-FM-Data-OAuth-Request-Id: request-id X-FM-Data-OAuth-Identifier: identifier-parameter |
Parameters | An empty set of curly braces. For example: { } May optionally use the fmDataSource parameter to log in to an external data source. See Log in to an external data source. |
Response |
The access token, an empty response body, and a messages array showing an error code of 0. The X-FM-Data-Access-Token header is returned in response, which is the session token to be used for subsequent API calls. For example: See Error responses. |
To get the OAuth parameters in JSON format:
-
Get the list of supported OAuth providers by using an HTTP GET method with this URL:
https://host/fmws/oauthproviderinfo
where host is the IP address or domain name of the primary machine in your FileMaker Server deployment. The list is returned in JSON format.
-
Choose a supported OAuth provider.
-
Get the tracking ID for your session. Use an HTTP GET method with this URL:
http://host/oauth/getoauthurl?trackingID=tracking-ID&provider=OAuth-provider&address=127.0.0.1&X-FMS-OAuth-AuthType=2
where host is the IP address or domain name of the primary machine in your FileMaker Server deployment, tracking-ID is the developer-generated tracking ID for your session, and OAuth-provider is the name of your selected OAuth provider.
The HTTP header for this request needs to include the following:
-
X-FMS-Application-Type: 9
-
X-FMS-Application-Version: 15
-
X-FMS-Return-URL: http://127.0.0.1/
-
-
Read the response header for the X-FMS-Request-ID data. This response header contains the OAuth request ID that you will use for the X-FM-Data-OAuth-Request-ID string in the header.
-
Read the response header for the X-FMS-Return-URL data. Call the URL returned in this parameter to allow the user to authenticate with the OAuth provider.
-
The "identifier" returned by the OAuth provider is the OAuth identifier parameter that you will use for the X-FM-Data-OAuth-Identifier string in the header.
See Editing OAuth account access in FileMaker Pro Help.