Authorization
Deputy
Prerequisites
Deputy provides two authentication methods for API access: a Permanent Token and OAuth 2.0. Both methods require access to a Deputy account with appropriate administrative permissions.
Deputy Account Setup
-
Ensure you have a Deputy account with administrative access. Deputy offers a free trial that can be used for integration development and testing.
-
Contact api@deputy.com if you need to extend the duration of a trial account for ongoing development purposes.
Obtain a Permanent Token
A permanent token provides a straightforward way to authenticate API requests without requiring OAuth 2.0 authorization flows. This method is well-suited for server-to-server integrations where a single Deputy install is being accessed.
The permanent token is displayed only once during generation. Store it in a secure location immediately, as it cannot be retrieved again after the dialog is closed.
-
Sign in to your Deputy account and navigate to the OAuth clients page by opening the following URL in your browser, replacing
{installname}with your Deputy install name and{geo}with your geographic region (e.g.,na,eu,au):https://{installname}.{geo}.deputy.com/exec/devapp/oauth_clients -
Click the New OAuth Client button to open the new OAuth Client form. Even when generating a permanent token, an OAuth client record must be created first.
-
Enter the following details in the form:
- Name: Enter a descriptive name for this integration (e.g., "Nexla Integration").
- Description: Enter a brief description of the integration's purpose.
- Logo URL: Optionally enter a URL to a logo image for the application.
-
Click Save this OAuth Client to save the client record.
-
On the OAuth Client detail page, click the Get an Access Token button to generate a permanent token for this Deputy install.
-
A dialog will appear displaying the generated permanent token. Copy the token and store it in a secure location immediately before clicking OK, as it will not be displayed again.
Obtain OAuth 2.0 Credentials
OAuth 2.0 authentication is appropriate for integrations that need to access Deputy on behalf of multiple users or organizations. This method requires a Client ID and Client Secret that identify your application to Deputy.
-
Sign up for a Deputy developer account or trial at https://www.deputy.com/.
-
Navigate to the OAuth clients page for your Deputy install:
https://{installname}.{geo}.deputy.com/exec/devapp/oauth_clients -
Click the New OAuth Client button and complete the following fields:
- Name: Enter the name of your application as it will be displayed to users during authorization.
- Description: Enter a description that will be shown to users when they authorize your application.
- Logo URL: Optionally provide a URL to your application's logo.
- Redirect URI: Enter the redirect URI that Deputy will use to return the authorization code after user consent (e.g., the Nexla OAuth callback URL).
-
Click Save this OAuth Client to create the application. The Client ID and Client Secret will be displayed in the application summary.
-
Copy and securely store the Client ID and Client Secret for use when creating the Nexla credential.
For complete information about Deputy's OAuth 2.0 authentication flow, refer to the Deputy OAuth 2.0 documentation.
Create a Deputy Credential
- To create a new Deputy credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
Credential Name & Description
-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Resource descriptions are recommended but are not required. They should be used provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.
Authentication Settings
Deputy supports two authentication methods in Nexla. Select the method that matches how you obtained your credentials in the Prerequisites section above.
Deputy Authentication Methods
- Permanent Token
- OAuth 2.0
Authenticate using a permanent access token generated from your Deputy install's OAuth clients page. This method is well-suited for server-to-server integrations accessing a single Deputy organization.
- Enter the permanent token generated from your Deputy OAuth clients page in the **Access Token** field. This token provides direct API access to your Deputy install and should be stored securely.
- Enter the base URL of your Deputy install in the **Install URL** field. This URL follows the format `https://{installname}.{geo}.deputy.com`, where `{installname}` is your Deputy install name and `{geo}` is your geographic region (e.g., `na`, `eu`, or `au`).
Authenticate using OAuth 2.0 with a Client ID and Client Secret registered in Deputy's developer portal. This method supports multi-user access and is appropriate for applications that need to act on behalf of different Deputy users.
- Enter the **Client ID** from your Deputy OAuth application in the **Client ID** field. This identifier was generated when you created the OAuth client in your Deputy install.
- Enter the **Client Secret** from your Deputy OAuth application in the **Client Secret** field. Keep this value confidential, as it is used to verify your application's identity with Deputy.
- Enter the base URL of your Deputy install in the **Install URL** field, using the format `https://{installname}.{geo}.deputy.com`.
- Complete the OAuth 2.0 authorization flow by clicking the **Authorize** button. You will be redirected to Deputy to grant access, and then returned to Nexla with an active token.
Save the Credential
-
Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.
-
The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.