So your full URL is https://api.adp.com/auth/oauth/v2/token?
correct
Do their docs say if the tokens expire, btw?
bearer tokens or certs?
Bearer tokens
bearer tokens look like they are good for 1 hr
```
{
  "access_token": <token>,
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "api"
}
```
Can you try again?
yep
failed
Weird, same error:
```
{
  "error": "invalid_request",
  "error_description": "proper client ssl certificate was not presented"
}
```
That’s bizarre because I can’t reproduce that error, I can only get a “bad id/secret” error
hmmm
```python
import os
import tempfile

import requests

URL = 'https://api.adp.com'
OAUTH_URI = '/auth/oauth/v2/token'


def handler(pd: 'pipedream'):
    # Certificate, private key and client credentials come from project env vars
    cert_pem = os.environ['ADP_CERT']
    private_key = os.environ['ADP_PRIVATE_KEY']
    client_id = os.environ['ADP_CLIENT_ID']
    client_secret = os.environ['ADP_CLIENT_SECRET']
    grant_type = 'client_credentials'

    # requests takes the client cert and key as file paths, so write them to temp files
    cert_path, key_path = create_cert_files(cert_pem, private_key)
    try:
        r = requests.post(
            URL + OAUTH_URI,
            cert=(cert_path, key_path),
            headers={
                'Content-Type': 'application/x-www-form-urlencoded'
            },
            data={
                'client_id': client_id,
                'client_secret': client_secret,
                'grant_type': grant_type
            },
            verify=True
        )
    finally:
        # Remove the cert and key from disk even if the request raises
        os.unlink(cert_path)
        os.unlink(key_path)

    if r.status_code != 200:
        print(f'Error while attempting to auth against ADP ({r.status_code}) - {r.text}')
        r.raise_for_status()
    return r.json()


def create_cert_files(cert_pem: str, private_key: str):
    # delete=False keeps the files after the with block; the caller unlinks them
    with tempfile.NamedTemporaryFile(mode='w', suffix='.pem', delete=False) as cert_file:
        cert_file.write(cert_pem)
        cert_path = cert_file.name
    with tempfile.NamedTemporaryFile(mode='w', suffix='.key', delete=False) as key_file:
        key_file.write(private_key)
        key_path = key_file.name
    return cert_path, key_path
```
Here is my full custom python action for auth that works
I used project env vars that are just the raw text from the .pem and .key files (they are put back into temp files due to requests library requiring them to be files)
Oh yea I see they need the cert even to get the access token… in order to fully support it end to end it’s going to take a bit of work on our side. Our standard integration template doesn’t have support for handling certs like that.
Sounds good. And yeah, ADP requires the cert files for each request
OAuth requires the certs and client_id and client_secret
All other requests require the certs + the bearer token from the oauth
I tried, in Postman, to only use the bearer token and the request failed due to bad TLS handshake
Yea, well it seems like they need the certs for OAuth, to just get the access token. That’s the error we’re getting now.
right, okay. Well thanks for being on-hand for this debugging session. Let me know when we can try again. I appreciate your time!
Yea no problem, thanks for the patience and for working with me
of course!