OAuth2 User-Agent Flow for API Connector

I’m trying to connect to the Sage Business Cloud API (https://developer.sage.com/api/accounting/guides/authentication/) using API Connector. It looks like OAuth2 User-Agent flow is the correct method but it’s not clear what settings should be used. This is because the terms in the API Connector dialog don’t match up with what the Sage documentation describes.
Sage expects a GET (which is redirected) followed by a POST with the token.
GET https://www.sageone.com/oauth2/auth/central?filter=apiv3.1&response_type=code&client_id={CLIENT_ID}&state={SOME_STATE}&scope=full_access&redirect_uri=https%3A%2F%2Fswif.cc%2Fsage_callback
How does this map to e.g. “Login Dialog redirect”, “User profile endpoint” and so on in the API Connector form?

Yeah, it won’t. This type of thing is a major pain in Bubble. If the OAuth 2 destination doesn’t support “login with service” (which would cause a user info endpoint to be exposed) this becomes rather tricky.

1 Like

Yeap you’ve hit the limits of the API connector. :slightly_frowning_face: The only way out I know for this is to create a plug-in to orchestrate the oauth calls and manage the tokens in the bubble database.

The api connector is still a pretty neat piece of engineering, it’s oauth that is a bit of a mess in my opinion.

You can actually do it in vanilla Bubble, but it’s really hinky.

1 Like

I don’t see any reason to not makenit in API connector. Do Sage have an endpoint for the current authenticated user info?

Seem to be

I’ll stand corrected :grinning: you could when I think about it chain together api calls, extract the required parameters and pass them through each call … never heard the work hinky @keith before but know what it means now :slightly_smiling_face:


Thanks for the responses! It looks like User Agent won’t work for this API. I’ve been able to get an auth code using an “Open an External Website” workflow and a redirect URL on my site: this provides a code that should in theory be used to retrieve a token using POST.
I can imagine I might be able to do use this from API Connector. But my attempts so far have failed. I can see the error, but not the call - if there were some way to see what exact request Bubble was generating I could maybe debug this.

Almost! The only problem is that this solution puts the Authorization access_token in the URL, which Sage doesn’t support. I need to put it in the header, but I see no way in API Connector to make a header Value dynamic: i.e. I would need to specify Key as Authorization and Value as “Bearer [token]”. But this doesn’t permit [token] to be filled programmatically, as far as I can tell.

@simul you can make the access_token dynamic in a Header by unchecking the « private » checkbox in your API Connector call, and informing « Bearer Current User’s Token » in your workflow action


Thanks everyone for your help. And what a great community, I didn’t expect such quick or helpful responses. Thanks again!

1 Like

Did you manage to make it work?
I would like to connect my bubble app with sage as well to create invocices directly is this possible?

@saturnoanthony0104 Hi there ! I’m in the same situation, did you find a way to connect bubble to sage ?
thanks !