Fleet - how does the "Oauth2 Endpoint Params" field work in integration configuration

I am trying to integrate Elastic with Zoom API. Even though there's a Zoom Webhook integration plugin available in Elastic, I want to query Zoom's REST API.

Zoom's API requires user to authenticate using OAuth and the flow to get the token is:

  • you send the POST request to zoom.us/oauth/token (the request contains the Basic Auth header with ClientID and ClientSecret) and in the request's body you attach the following parameters: grant_type:account_credentials and account_id:acc0untid_str1ng
  • then, after authentication the endpoint returns a JSON with a field "access_token", which contains JWT token that enables one to query the API.

I tried to configure this integration in the Integrations (as a new Custom API integration), but there are some differences in the Zoom Oauth flow, that makes it hard to integrate Elastic with Zoom:

  • from my experience, to get access token in OAuth flow, you need to send "Authorization" header with value such as: client_id:something, client_secret:something - it's not the case for Zoom, as it requires you to provide the credentials using HTTP Basic Auth (so client id and secret are encoded using Base64)
  • you need to provide account_id in the body as well

I haven't found a way to ensure those conditions are met using Integrations UI in Elastic.

Do you have any tips how can I overcome those issues while integrating Zoom API with Elastic? Maybe you have some experience integrating this specific API with elastic?

Thanks in advance,

Hi Mikolaj, welcome to the community!
There is a Zoom integration in elastic, can you try with that? Zoom | Documentation

Yes, I know, but as I said in the beginning of the thread - for a few reasons I prefer using REST API - first of all I’d have to configure an external IP address that would serve as the webhook listener. As there is the REST API in Zoom, I’d rather use it. Main obstacle is getting this strange OAuth flow to work.

You could alternately try CEL input's Basic Authentication
like this: .basic_authentication("Client_ID", "Client_Secret")

The integration in this case would be CEL Custom API

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.