Login to 3rd Party App using Pipedrive Auth (SSO)

ricardo.cadete · January 15, 2020, 3:10pm

Hi Pipedrive,

we are looking forward integrate our product with Pipedrive.
I understand the steps of installing an app from the Marketplace and how to get the user tokens to fetch their data. But I am wondering if is possible to allow the Pipedrive users also to login at our product using Pipedrive credentials, like as Single Sign-on.

At this link https://pipedrive.readme.io/docs/marketplace-oauth-authorization
Step 1: “Requesting authorization” - “This step is necessary to implement only when you allow app installation outside of the Marketplace.”

Is this only valid for App installations or can be used for a normal and external authentications?

When executing the request of Step 1, using the client_id and redirect_uri to our server, and using a pipedrive sandbox account, I get

{
“success”: false,
“error”: “unauthorized access”,
“errorCode”: 401
}

Can you help us please?

Best regards,
Ricardo

dani · January 16, 2020, 12:40pm

Hi Ricardo,
before getting in the specifics of SSO, I think there might be some simple reason why you’re getting that error message. I suspect the request is not formatted correctly.

Could you post a snippet (hiding sensitive data)?

ricardo.cadete · January 16, 2020, 1:52pm

Hi Dani,

thanks for helping, I use postman, this is the generated code for cURL:

curl --location --request GET ‘https://oauth.pipedrive.com/oauth/authorize?client_id=xxxxxxxxxxxxxx&state=148aHxbdd92&redirect_uri=https://crm-test.salesboard.biz/pipedrive/auth’

dani · January 17, 2020, 2:51pm

Ok, this is Step 1 (from the same documentation url you posted) and you need to do a redirect to the url, so you will not get a json response from it.

If you’re trying to make an api call to that url, simply redirect instead.

Let me know if that helps.

ricardo.cadete · January 20, 2020, 10:10am

Thanks Dani,
got you, this should be opened at the browser, now the url_redirect is been validated and we got the code to continue the authorization process.

Following question: how do we skip the installation screen if the user already have the app installed and we want just to authenticate the user in background, via our Online App (running at our website, with Pipedrive user auth)?

Best regards,

ricardo.cadete · January 20, 2020, 11:23am

We could also setup a call so we could explain better our goals for this project.
Best regards,

dani · January 22, 2020, 2:58pm

You should store the refresh token. If the user has not uninstalled the app, you can simply request a new access_token without redirecting to the authorization page again.

The login should be handled by your application. Basically a user should be able to be logged in / logged out, and have / not have an access_token for Pipedrive (same as has installed / has not installed the app).

I hope this helps. I also made a video where I cover how to build an app, and how to implement the OAuth 2 flow. You can find it in the same documentation page, and you can start the video directly at 1:50: https://pipedrive.readme.io/docs/marketplace-oauth-authorization

I would suggest you start from there, and if you have any specific questions, feel free to ask here.

You will be able to get on a call with one of us, as well, if it’s really needed. But let’s try to keep it in this thread if possible. Both for simplicity, and to let other users who might have the same questions benefit from it as well

ricardo.cadete · January 22, 2020, 4:32pm

Thanks so much Dani, I saw the video before, it’s great!
I will do what you suggested.