Sometimes you may have an application whose users may elect to include BlueJeans functionality in their client session.
This overview guide will provide you an example of the 3-Legged OAuth process used by client applications to obtain authorization by the user for access to their BlueJeans account.
BlueJeans REST API messages must contain certain formatting values in order to be recognized as valid. Please ensure that each REST call has the following fields:
A functional implementation of the 3-Legged OAuth process can be found in this Reference Application.
Step 1
Developer Registers Application
The first step a developer must do is register their application with BlueJeans. This will ensure that BlueJeans knows there is a target application that is requesting an access token.
For this step, a developer must request from their BlueJeans Administrator a client ID and a secret ID set of keys. These keys are part of the application registration process in BlueJeans.
Registration need only be done once by the Enterprise Administrator. Thereafter, clients can authorize against this application per OAuth's standards.
BlueJeans uses the industry standard OAuth protocol for authentication.
{ appName : "test.3leg", description : "Reference Application to test 3-legged authentication", appLogoUrl : "", redirectUrls : [ "https://glenninn.com" ] }
{ appName : "test.3leg", description : "Reference Application to test 3-legged authentication", appLogoUrl : "https://glenninn.com/Logo-84x84.png", redirectUrls : [ "https://glenninn.com" ], clientId : "43160b229 ... 18ef2c3ef00989bec", clientSecret : "xxxxxxx", client_id : "43160b229 ... 18ef2c3ef00989bec", client_secret : "xxxxxxxx" }
Step 2
Application Asks BlueJeans for Authorization
In this step your application redirects away to BlueJeans so that a user can login to their BlueJeans account and authorize/reject application access to the user's BlueJeans account
In the event the user approves BlueJeans access, the API call returns with a access code. That code will need to be exhanged quickly for an access token
&clientId=&redirectUri= &state= &scope= &responseType=code &appName= &appLogoUrl=
&code=&state=
Step 3
Application Obtains Access Token
In this step the user's Application session makes an API call to exchange the access code for a user access token.
Along with this API call, you must pass the access code obtained from the Authorization step.
{ redirectUri : "https://glenninn.com/authenticated", code : "gqNe....skFCK", grant_type : "authorization_code", client_secret : "xxxxxxxxx", client_id : "43160b2...989bec" }
{ access_token : "8355640ae5.....2ae163d0f493", expires_in : 3600, scope : { user : 1442589, appPermissions : [ ... ], partitionName : "z2", partition : { id : 2, name : "z2" }, bearerPermissions : "list_meetings,modify_meetings,user_info", clientId : "43160b2...989bec", client_id : "43160b2...989bec", capabilities : [] }, refresh_token : "sdEE2BmVr...JRhzVMU3HosSJYCG" }