https://linen.dev logo
s

Samuel Gordalina

01/22/2021, 12:01 AM
Hey guys, I saw in your Q1 OKRs that you want to have "Seamless OAuth support" can you shed some light on what this means?
u

user

01/22/2021, 12:02 AM
For our current integrations we are hacking the oauth flow
u

user

01/22/2021, 12:02 AM
(getting secrets and tokens from browsers and urls)
u

user

01/22/2021, 12:02 AM
That's a poor experience
u

user

01/22/2021, 12:03 AM
u

user

01/22/2021, 12:03 AM
there is a complex walkthrough to follow
u

user

01/22/2021, 12:03 AM
the idea is to have a fully integrated XP within Airbyte
u

user

01/22/2021, 12:04 AM
We aren't sure how we are going to it though
u

user

01/22/2021, 12:04 AM
It is just an idea right now
u

user

01/22/2021, 12:04 AM
Why the question?
u

user

01/22/2021, 12:06 AM
We also want to see if we can own the oauth application so users don't have to go through the flow of creating oauth applications (we can give the choice here)
u

user

01/22/2021, 12:06 AM
not sure if this is going to be possible because we need to make sure we never exopse the oauth secrets
u

user

01/22/2021, 12:32 AM
Cool
u

user

01/22/2021, 12:32 AM
We also want our customers to connect their data sources via OAuth
u

user

01/22/2021, 12:32 AM
Ideally with an app that we own.
u

user

01/22/2021, 12:33 AM
I think the issue is that each connector would have to support oauth
u

user

01/22/2021, 12:34 AM
yep, it is not going to be easy indeed
u

user

01/22/2021, 12:34 AM
are you down to review the tech spec when we have one avilable?
u

user

01/22/2021, 12:34 AM
yeah
u

user

01/22/2021, 12:35 AM
i have some time next week to think about how we want to solve it for our own customers, and see how we can implement it on top of current airbyte as well as how airbyte can have this out-of-the-box so we can leverage it.
u

user

01/22/2021, 12:36 AM
that may be useful input for your tech spec
u

user

01/22/2021, 12:36 AM
yes it would!
u

user

01/22/2021, 12:39 AM
cool
u

user

01/22/2021, 12:40 AM
I'll post my info in this issue
u

user

01/22/2021, 12:40 AM
thanks! we will post the Spec on this ticket as well
u

user

01/22/2021, 1:09 PM
Ideally with an app that we own.
@Samuel Gordalina What's the benefit of using your SF App if you don't mind me asking ?
not sure if this is going to be possible because we need to make sure we never exopse the oauth secrets
@Michel Is it even possible with deployable app ? SF app requires full callback url which you can't know in advance because you don't know what ip/port instance of Airbyte will have.
u

user

01/22/2021, 4:56 PM
i can't speak to the Salesforce example here, but maybe an easier example is that a user wants to be able to pull their google ads data out of google ads and into their analytics database. Instead of going through the (significant) hassle of getting their own google developer credentials, if they can just authorize the Airbyte account to pull the data from their account, that may be preferable. There's a lot to figure out here, because you can also imagine in the example I just described that the user doesn't want Airbyte to have access to their data (totally reasonable), so then they would still need to get developer credentials but would run the OAuth flow in our UI (but not the hacky version of the flow that we support now). Depending on the integration, sensitivity of the data different solutions make more or less sense, so we're trying to think tactically about which pieces of this flow to enable first.
u

user

01/22/2021, 5:29 PM
@ruslan You are correct and that's one piece we don't have a ton of visibility on. One idea would be that we host one piece of the infra on our side to help with the flow.
u

user

01/22/2021, 5:29 PM
I wonder if something like that would be possible
u

user

01/22/2021, 5:29 PM
WDYT?
u

user

01/22/2021, 5:30 PM
With the option of also self-hosting your Oauth Helper if you want to own your own oauth app
u

user

01/22/2021, 5:33 PM
@ruslan You are correct and that's one piece we don't have a ton of visibility on. One idea would be that we host one piece of the infra on our side to help with the flow.
Yeah, I had the same idea but that means token is leaking to vendor which some customers may find unacceptable.
u

user

01/22/2021, 5:35 PM
yep! agreed, at that point we can just make the oauth helper movable and you can make your own decision wether to use our public one (least effort & can be used by less technical profiles) or the self hosted one (you have to create all the oauth apps)
u

user

01/22/2021, 5:44 PM
Hosting our own oauth app/helper is something we're interested on as we want to abstract airbyte from our customers.
3 Views