Uploaded image for project: 'Connectors'
  1. Connectors
  2. FIO-1

Problème oAuth2 between Nuxeo and Frame.io



    • Type: Task
    • Status: Done
    • Priority: Minor
    • Resolution: Done
    • Component/s: None
    • Epic Link:
    • Sprint:
      Sprint 1


      Following our meeting, find the step to reproduce the oAuth2 error. Regarding the previous captured video, please forget it as Billy got a misconfiguration related to the redirect_uri and not the state (that’s also an important part of the configuration but not our state problem)


      On the Frame.io part, you must have a valid account (email/password). You can create a quick one here : https://accounts.frame.io/welcome

      Once your account created, connect and execute the following tasks :


      1. **Oauth2 App configuration in Frame.io


      Go to https://developer.frame.io/app/oauth-apps/new


      Add a new configuration on Frame.io website allowing a Nuxeo instance to access Frame.io API. Change the part in red with your proper Nuxeo configuration.





      • NAME

      Define a name (No matter which value)


      Callback URL from Nuxeo using pattern YOUR_NUXEO_URL*/*NUXEO_CONTEXT/site/oauth2/OAUTH2_SERVICE_NAME_DECLARED_IN_NUXEO/callback

                     Part in red must be change

      Part in green must be defined as it


                     In the following screenshot of our platform, we defined :

      YOUR_NUXEO_URL with value https://dm-nuxeo-demo.oceaneconsulting.com

      NUXEO_CONTEXT with value  demo

      OAUTH2_SERVICE_NAME_DECLARED_IN_NUXEO with value  frameio

      • Do not select Uses PKCE
      • On the scopes list, check Offline / Accounts.Read / Team.Read


      Click on Submit


      Once created, you should have a screen with your created oAuth2 App like :



      Please copy values generated for Client ID and Client Secret, we will reuse this value in Nuxeo configuration


      Configuration completed on Frame.io


      1. **Declare an oAuth2 Provider for « Frame.io » in Nuxeo


      • Connect to your Nuxeo instance as an Administrator (WebUI)
      • Click on « Administration » link (bottom/left) and the on « Cloud Services » link
      • Click on « Add » button to add a new oAuth2 Service Provider
      • Provide following informations:


      Service Name : Define the name used previously in OAUTH2_SERVICE_NAME_DECLARED_IN_NUXEO so frameio in our case

      Description : No constraint, you can set « Frame.io Provider » for example

      Client ID : previously copied value from Frame.io

      Client Secret : previously copied value from Frame.io

      Authorization Server URL : https://applications.frame.io/oauth2/auth

      Token Server URL : https://applications.frame.io/oauth2/token

      User Authorization URL : <LEAVE IT EMPTY>

      Scopes : Specify the list of checked scopes in Frame.io, with a space between each itemso for our case : account.read offline team.read

      • Check the Enabled checkbox


      Sample :



      Once created, the provider must appear in the list as frameio service name:



      1. **Testing the « Frame.io » oAuth2 provider from Nuxeo


      • Connect to Nuxeo instance as a user or keep your session as administrator in WebUI
      • Cliquer sur the « User Settings » link bottom/left and then on « Cloud Services »
      • Click on the dedicated « Frame.io » button in « Connect to » part
      • A popup will appear but closing fastly. Intercepting the popup before closing will give you the following message:





      In that case, Nuxeo is not providing the « state » parameter to Frame.io so the authentication process is not launched. We have simulated the behavior with a Python server available here.


      This POC here demosntrates it :


      1. Go to https://dm-frameio-demo.oceaneconsulting.com/
      2. Click on the first link, authenticate, done : you have access to REST API
      3. Go to https://dm-frameio-demo.oceaneconsulting.com/
      4. Click on the second link, you’re not able to authenticate with message : « Error: invalid_state »


          Issue Links



              • Votes:
                0 Vote for this issue
                1 Start watching this issue


                • Created: