OAuth health monitoring
This functionality is available for Creatio 8.1.2 and later.
Use the functionality to discover what goes wrong during the Identity Service or OAuth setup and usage. You can use the functionality manually or as part of integration with automated monitoring systems.
OAuth health check functionality checks whether:
- the system settings that configure OAuth 2.0 in Creatio are filled out
- the Identity service is available
- the OAuth token is retrievable
To check the health of OAuth functionality from the browser, use the following link:
- For .NET Framework:
http://mycreatio.com/0/api/OAuthHealthCheck - For .NET Core and .NET 6:
http://mycreatio.com/api/OAuthHealthCheck
As a result, you will receive one of the responses listed below.
Status: 200 OK
{
"HasProblem": false,
"IsSystemSettingsFilledIn": true,
"IsIdentityServiceAvailable": true,
"IsAccessTokenRetrievableForSystemActions": true
}
OAuth token is received from the Identity Service as expected.
Solution. Not required.
Status: 500 Internal Server Error
{
"HasProblem": true,
"IsSystemSettingsFilledIn": false,
"IsIdentityServiceAvailable": false,
"IsAccessTokenRetrievableForSystemActions": false,
"Message": "System settings OAuth20IdentityServerUrl, OAuth20IdentityServerClientId, OAuth20IdentityServerClientSecret are empty."
}
The system settings that configure OAuth 2.0 in Creatio are not filled out.
Solution. Make sure that the following system settings are filled out:
- "Authorization server Url for OAuth 2.0 integrations" ("OAuth20IdentityServerUrl" code)
- "Client id for OAuth 2.0 integrations" ("OAuth20IdentityServerClientId" code)
- "Client secret for OAuth 2.0 integrations" ("OAuth20IdentityServerClientSecret" code)
Status: 500 Internal Server Error
{
"HasProblem": true,
"IsSystemSettingsFilledIn": false,
"IsIdentityServiceAvailable": false,
"IsAccessTokenRetrievableForSystemActions": false,
"Message": "System setting OAuth20IdentityServerUrl is empty."
}
An individual system setting that configures OAuth 2.0 in Creatio is not filled out.
Solution.
- Find the code of the system setting that causes error in the
Messageresponse parameter. - Fill out the needed system setting.
Status: 500 Internal Server Error
{
"HasProblem": true,
"IsSystemSettingsFilledIn": true,
"IsIdentityServiceAvailable": false,
"IsAccessTokenRetrievableForSystemActions": false,
"Message": "IdentityService specified in system setting OAuth20IdentityServerUrl is unavailable."
}
Identity Service is not working as expected.
Solution. Test the Identity Service. Instructions: Test the Identity Service (user documentation). If the Identity Service is available, check that the "Authorization server Url for OAuth 2.0 integrations" ("OAuth20IdentityServerUrl" code) system setting is filled out and Identity Service URL is available from the machine where Creatio instance is deployed.
Status: 500 Internal Server Error
{
"HasProblem": true,
"IsSystemSettingsFilledIn": true,
"IsIdentityServiceAvailable": true,
"IsAccessTokenRetrievableForSystemActions": false,
"Message": "Can't retrieve access_token for system actions from IdentityService specified in system settings OAuth20IdentityServerUrl using client_id and client_secret specified in system settings OAuth20IdentityServerClientId & OAuth20IdentityServerClientSecret."
}
OAuth token is not available.
Solution.
-
Make sure that the following system settings are filled out:
- "Authorization server Url for OAuth 2.0 integrations" ("OAuth20IdentityServerUrl" code)
- "Client id for OAuth 2.0 integrations" ("OAuth20IdentityServerClientId" code)
- "Client secret for OAuth 2.0 integrations" ("OAuth20IdentityServerClientSecret" code)
-
If system settings are filled out, reproduce the issue and collect Creatio and Identity Service logs that include data when the issue occurred.
-
Contact Creatio support and provide them Creatio and Identity Service logs.
You can set up automated monitoring systems based on OAuth health monitoring. If needed, use Postman to check the health of OAuth functionality. The Postman request collection that tests requests is available in Creatio API documentation.
See also
Connect the Identity Service to Creatio
Generate OAuth 2.0 client credentials
Update the Identity Service using IIS
Authorize external requests using OAuth 2.0 (developer documentation)