Hi, there!
2: Collaboration between Questetra and Mastodon
2.1: Grant_type available in Mastodon
2.2: How to connect with Grant_type: authorization_code
2.3: How to connect with grant_typepassword
3: Collaboration between Questetra and Twitter
3.1: How to connect with Grant_type: client_credentials
4: Closing
1: What is “Mastodon”?
Mastodon is a short messaging SNS service/free software of “decentralized type” with which anyone can operate SNS freely -much like Twitter.
“Mastodon“, often heard recently.
I have not used it so much yet, but they say it is something like a Twitter server that can be built on your own.
Since Mastodon has APIs, I checked whether or not it is possible to call it from Questetra.
* Even though there might not be a demand for its use for now, it could be used as a marketing tool when Mastodon is more widely spread.
Also, I made a comparison with the APIs of Twitter, which can be said is the origin of Mastodon, since it has been famous for a long time. (I suppose there are a lot of people who tried out calling Twitter APIs when testing a web API).
2: Collaboration between Questetra and Mastodon
2.1: Grant_type available in Mastodon
There are four types of OAuth 2 grant_type (method to get tokens), and Mastodon seems to work with authorization_code and password out of those four. (Whereas, only client_credentials is available in Twitter.)
* It is unconfirmed whether or not it corresponds to other grant_types. Also, note that the grant_type of password is generally not recommended, so please be aware of that as well.
・Authorizaton Code Grant (authorization_code)
・Implicit Grant (implicit)
・Resource Owner Password Credentials Grant (password)
・Client Credentials Grant (client_credentials)
2.2: How to connect with Grant_type: authorization_code
We are going to use “Throwing Message Intermediate Event (HTTP)” of Questetra.
We are going to use “Throwing Message Intermediate Event (HTTP)” of Questetra.
This is a function that allows you to send an HTTP request in the middle of a flow, and it is possible to set a connection by OAuth 2 (grant_type is authorization_code). If this is available to call the APIs, you don’t need programming.
Details on how to do the setting will be described later.
* Document for “Throwing Message Intermediate Event (HTTP)”
M225: Auto Sending of HTTP Request with Business data Inserted
Client registration to Mastodon
First of all, we will make client registration to Mastodon as follows
* Enter the name you like in “{CLIENT NAME}”
* You can change “Scope” according to what you want to do, but it must match with the setting to be done later on Questetra side.
* Since client_id and client_secret which can be obtained from processing results are used later, please note them down.
OAuth setting in “Throwing Message Intermediate Event (HTTP)” of Questetra
You can go to OAuth setting screen through either of [Set up OAuth 2.0 from here] button of [Connect with the OAuth 2.0] in the [Security / Custom Header] tab on the property screen of “Throwing Message Intermediate Event (HTTP)”, or [OAuth 2.0 Setting] in [▼App] menu.
| Name | Value |
|---|---|
| Name | (set a name of your choice , it will be used later) |
| Authorization Endpoint URL | https://{HOST NAME}/oauth/authorize |
| Token Endpoint URL | https://{HOST NAME}/oauth/token |
| Scope | read write follow (choose it according to what you want to do) |
| Client ID | (Acquired at the time of client registration) |
| Client Secret | (Acquired at the time of client registration) |
* Enter the host name of the target Mastodon in “{HOST NAME}”
The setting value of OAuth is as follows. Click on [Get Token] button.
Settings in property of “Throwing Message Intermediate Event (HTTP)” of Questetra
The setting for “Throwing Message Intermediate Event (HTTP)” to call the API to post a message is as follows.
| Name | Value |
|---|---|
| Network Settings: URL | https://{HOST NAME}/api/v1/statuses |
| Security / Custom Header: Connect with the OAuth 2.0 | (OAuth setting name as before) |
| Send Parameter Settings | status: (Words you want to post) |
- Network Settings: String type data item that will contain error details when an error occurred
- Response Settings: check on [Save the Response] and specify [Data item to save the response]
2.3: How to connect with grant_typepassword
For grant_type password, use “Script Task” of Questetra. Details of setting will be described later.
* Document for “Script Task”
M230: Auto Executing Complicated Data Processing (ECMAScript)
Client registration to Mastodon
First of all, we will do the client registration to Mastodon as follows
* Enter the name you like in “{CLIENT NAME}”
* You can change “Scope” according to what you want to do, but it must match with the settings to be done later on Questetra’s side.
* Since client_id and client_secret which can be obtained from processing results are used later, please note them down.
Setting in “Script Task” of Questetra
In the “Script Task”, it retrieves an access token, and calls the URL for posting. A sample code is shown below. Enter the appropriate values in between the braces ({}).
var message = data.get("3");
var clientId = "{CIENT ID}";
var secret = "{CLIENT SECRET}";
var accessLog = "";
var uriToken = "https://{HOST NAME}/oauth/token";
var response = httpClient.begin()
.formParam( "grant_type", "password" )
.formParam( "client_id", clientId )
.formParam( "client_secret", secret )
.formParam( "scope", "write read follow" )
.formParam( "username", "{LOGIN USER NAME}" )
.formParam( "password", "{LOGIN PASSWORD}" )
.post( uriToken );
accessLog += "---POST request--- " + response.getStatusCode() + "\n";
accessLog += response.getResponseAsString() + "\n";
var oauthTokenObj = JSON.parse( response.getResponseAsString() );
var oauthToken = oauthTokenObj.access_token;
accessLog += "oauthToken: " + oauthToken + "\n";
var uriExecute = "https://{HOST NAME}/api/v1/statuses";
var responseCreate = httpClient.begin()
.bearer( oauthToken )
.formParam( "status", message )
.post( uriExecute );
accessLog += "---POST request--- " + responseCreate.getStatusCode() + "\n";
accessLog += responseCreate.getResponseAsString() + "\n";
retVal.put( "0", accessLog );
3: Collaboration between Questetra and Twitter
For the grant_type of OAuth 2.0 in Twitter, only client_credentials is available.
* Reference material: Twitter Developer Documentation, POST oauth2/token
3.1: How to connect with Grant_type: client_credentials
Client registration to Twitter
First of all, we will make client registration to Twitter referencing this page. Please note, again, the client_id and client_secret that can be obtained from processing results, since we use them later.
Setting in “Script Task” of Questetra
In the “Script Task”, it retrieves an access token, and calls the URL for retrieving list. A sample code is shown below. Enter the appropriate values in between the braces ({}).
var clientId = "{CLIENT ID}";
var secret = "{CLIENT SECRET}";
var accessLog = "";
var uriToken = "https://api.twitter.com/oauth2/token";
var response = httpClient.begin()
.formParam( "grant_type", "client_credentials" )
.formParam( "client_id", clientId )
.formParam( "client_secret", secret )
.post( uriToken );
accessLog += "---POST request--- " + response.getStatusCode() + "\n";
accessLog += response.getResponseAsString() + "\n";
var oauthTokenObj = JSON.parse( response.getResponseAsString() );
var oauthToken = oauthTokenObj.access_token;
accessLog += "oauthToken: " + oauthToken + "\n";
var uriExecute = "https://api.twitter.com/1.1/statuses/user_timeline.json";
var responseExecute = httpClient.begin()
.bearer( oauthToken )
.queryParam( "screen_name", "{SCREEN NAME}" )
.queryParam( "count", 3 )
.get( uriExecute );
accessLog += "---GET request--- " + responseExecute.getStatusCode() + "\n";
accessLog += responseExecute.getResponseAsString() + "\n";
retVal.put( "0", accessLog );
However, in the case of the access token obtained this way, since it is not associated with the user context, the usable API is limited… Well, it is natural since it did not pass user authentication as in the case of authorization_code.
Reference material:Twitter Developer Documentation, Application-only authentication
In other words, if you want to call the APIs and post it, it seems that you have to use the previous OAuth 1. But, connection setting in OAuth 1 is not supported in Questetra…
Therefore, if you want to call the APIs and make a post, I think that it is quick to combine it with a cooperation tool such as ifttt. Using ifttt, you can post, etc. To Twitter by sending an email via Questetra, easily.
4: Closing
In this way, I examined collaboration between Questetra and Mastodon and Twitter, focusing on connection in OAuth 2.
I suppose that you can understand that it can be set easily, if grant_type is authorization_code. However, even if grant_type is authorization_code, there are cases where it does not connect well depending on the counterpart… I will tell you about it in another article.
If you have any questions, please feel free to Contact us.
Apply for Starter Plan (Free) Here
By applying for your Free account of your own Questetra, you will be able to use all the Questetra features including what I mentioned above.
Please click HERE to go to the Web form.
Pingback: RPA is Not the Only Automation! Various Examples of Automation by Cloud-based Workflow - Questetra
Pingback: Settings when Calling REST API of Another Service from Questetra (Questetra to be OAuth2 client) – Questetra Support
Pingback: Examples of Collaborations with Other Systems and BPM Workflow (June, 2019) - Questetra
Pingback: System Settings – API Clients – Questetra Support