Oauth 2.0

I’m trying to understand if I can use Oauth 2.0 as a way of allowing Anaplan users to provide access to their Anaplan tenants to a 3rd party application.

Can I create a single Oauth client in my tenant, and have Anaplan users from other tenants go through the Authorization code grant flow?

Or is an Oauth client only meant to be used for just the users within a single Anaplan tenant?

Accepted answers

All comments

JaredDolich

@n8

Anaplan uses a Multipurpose Internet Mail Extension (MIME) Protocol. Which means only the email address that you grant access to the tenant will be permitted to access it. You can authenticate one of two ways, either a basic authentication (email and password) or by using a CA Certificate.

The same email can be used in multiple tenants provided the email was granted access to the same.

Most customers, for security reasons, use a system email and assign a CA Certificate.

Hope that helps.

Thanks for the reply @JaredDolich. Here's what I'm trying to get at. I'm a partner vendor (Census) with an application that would like access to an Anaplan user's tenant. Let's pretend I have 2 customers that are also Anaplan customers. Coca-cola and GE (bob@cocacola.com and jane@ge.com). They each belong to their company's separate Anaplan tenants.

I'd like to use the Oauth 2.0 Access Code Grant flow to allow Bob and Jane to allow my App to access their data in each of their different tenants.

I see the instructions for creating an Oauth 2.0 Client: https://help.anaplan.com/0984a799-a667-4e70-8759-a134be32f48c-Create-an-OAuth-2.0-client But what I don't understand yet, is if I create an Oauth 2.0 client in my tenant (Census), can I use that same Oauth 2.0 client for Bob and Jane in order for me to get access tokens that access Bob and Janes data in their tenants? Or do I need to have Bob and Jane create their own Oauth 2.0 clients in their own tenants?

JaredDolich

@n8

I'm fairly certain you have to establish the Oauth client on the "Source" tenant so it can provide you the correct token. Each user has their own security, even if they're workspace administrators and access is granted at the user level. I'm also fairly certain your ability to reach into Anaplan will be limited to the API 2.0 endpoints.

Since this is a relatively new feature, I would suggest sending a note to Support and have them give you a definitive answer.

Glad you brought this up. I had no idea it even existed. This line here suggests to me that you have to establish the client on the source tenant.

epeterson320

Any definitive answer for this? I'm also in a position where I'd like to develop a third-party app that lets users from different tenants each grant access to their own data.

ryan_kohn

I'd recommending reading through this 3-part article on OAuth in Anaplan: https://community.anaplan.com/t5/How-To/Start-Here-OAuth-Part-1-The-Basics/ta-p/131489

If you're already familiar with OAuth and are looking specifically for information on third-party applications, you can skip right to Part 3.

coraparks

Hi All,

I was wondering what our callback url should look like? Where would I find this documentation?

Thanks!

Quick Links

Can you help?

Unanswered questions

Anaplan Report page issue in the UX
Hello community, I have an issue with anaplan report (functionality). The issue I have is within couple of slides. The data in that report is scrolling into a new page. There is a hierarchy in the rows and line items and time in the columns. My problem is, the hierarchy is getting broken in the second page. One of the node…
Solution for when 2 time dimensions needed
As shown in the screenshot, each monthly amount (Jan, Feb, Mar 2024) needs to be paid down in the future months (Jan–Aug 2025). The paydown must satisfy certain conditions specific to each month between Jan and Aug 2025. If the conditions are met, the paydown can occur. For example, if $20 is available to pay in Jan 2025…
How to get live small project for learning more.
I have completed level 2 certificate still I am not confident. I want practice more, where I get small project for practice.