Establishing a Connection
Trello uses token-based authentication to grant third-party applications access to their API. When a user has granted an application access to their data, the application is given a token that can be used to make requests to Trello's API. Trello's API can be accessed in 2 different ways. The first is using Trello's own Authorization Route, and the second is using OAuth1.0.
Using Authorization Route
At the moment of registration, Trello assigns an API key and Token to the account. We can retrieve this API key after logging in to Trello and visiting https://trello.com/app-key. After obtaining your API key, you can use it to obtain a Token by visiting https://trello.com/1/authorize?expiration=never&name=MyPersonalToken&scope=read&response_type=token&key={Key} and replacing {key} with the obtained API key. After visiting the page, you can authorize the application to use your account by clicking the allow button. You'll be redirected to a page with your token. To make requests to Trello's API you will need both API key and Token.
Note: You can change the expiration time of the token by changing expiration= with one of the following values (1hour, 1day, 30days, never).
Set:
- APIKey: The key found at https://trello.com/app-key
- Token: The token obtained.
Custom Credentials
You can use a custom OAuth app to authenticate with a service account or a user account.
Desktop Authentication with a Custom OAuth App
Get and Refresh the OAuth Access Token
After setting the following, you are ready to connect:
- OAuthClientId: Set this to the client Id assigned when you registered your app. You can find it by visiting trello.com/app-key under API Key
- OAuthClientSecret: Set this to the client secret assigned when you registered your app. You can find it by visiting trello.com/app-key scrolling to the bottom
- CallbackURL: Set this to a localhost callback such as http://localhost:33333. If left empty, the CData ADO.NET Provider for Trello 2019 will default to http://localhost:33333.
- InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
- Extracts the access token from the callback URL and authenticates requests.
- Refreshes the access token when it expires.
- Saves OAuth values in OAuthSettingsLocation to be persisted across connections.
Web Authentication with a Custom OAuth App
When connecting via a Web application, you need to register a custom OAuth app with Trello. You can then use the provider to get and manage the OAuth token values.
Get an OAuth Access Token
Set the following connection properties to obtain the OAuthAccessToken:
- OAuthClientId: Set this to the Client Id in your app settings.
- OAuthClientSecret: Set this to the Client Secret in your app settings.
You can then call stored procedures to complete the OAuth exchange:
- Call the GetOAuthAuthorizationURL stored procedure. Set the AuthMode input to WEB and set the CallbackURL input to the endpoint you would like Trello to return information to. The stored procedure returns the URL to the OAuth endpoint.
- Log in and authorize the application. You are redirected back to the callback URL.
- Call the GetOAuthAccessToken stored procedure. Set the AuthMode input to WEB. Set the Verifier input to the "code" parameter in the query string of the callback URL.
Refresh the OAuth Access Token
You can set InitiateOAuth to REFRESH to automatically refresh the OAuth access token when it expires, or you can call the RefreshOAuthAccessToken stored procedure to refresh the token manually.
Automatic Refresh
To refresh the token with InitiateOAuth, set the following on the first data connection:
- OAuthAccessToken: Set this to the access token returned by GetOAuthAccessToken.
- InitiateOAuth: Set this to REFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
- OAuthSettingsLocation: Set this to the path where the provider will save the OAuth values, to be persisted across connections.
- OAuthClientId: Set this to the Client Id in your app settings.
- OAuthClientSecret: Set this to the Client Secret in your app settings.
- OAuthRefreshToken: Set this to the refresh token returned by GetOAuthAccessToken.
On subsequent data connections, set the following:
- InitiateOAuth
- OAuthSettingsLocation
Manual Refresh
You can use the RefreshOAuthAccessToken stored procedure to manually refresh the OAuthAccessToken. Call the stored procedure after the ExpiresIn parameter value returned by GetOAuthAccessToken has elapsed. You need the following connection properties to be set:
- OAuthClientId: Set this to the Client Id in your app settings.
- OAuthClientSecret: Set this to the Client Secret in your app settings.
Customizing the SSL Configuration
By default, the provider attempts to negotiate SSL/TLS by checking the server's certificate against the system's trusted certificate store. To specify another certificate, see the SSLServerCert property for the available formats to do so.
Connecting Through a Firewall or Proxy
HTTP Proxies
To connect through the Windows system proxy, you do not need to set any additional connection properties. To connect to other proxies, set ProxyAutoDetect to false.
In addition, to authenticate to an HTTP proxy, set ProxyAuthScheme, ProxyUser, and ProxyPassword, in addition to ProxyServer and ProxyPort.
Other Proxies
Set the following properties:
- To use a proxy-based firewall, set FirewallType, FirewallServer, and FirewallPort.
- To tunnel the connection, set FirewallType to TUNNEL.
- To authenticate, specify FirewallUser and FirewallPassword.
- To authenticate to a SOCKS proxy, additionally set FirewallType to SOCKS5.
Troubleshooting the Connection
To show provider activity from query execution to network traffic, use Logfile and Verbosity. The examples of common connection errors below show how to use these properties to get more context. Contact the support team for help tracing the source of an error or circumventing a performance issue.
- Authentication errors: Typically, recording a Logfile at Verbosity 4 is necessary to get full details on an authentication error.
- Queries time out: A server that takes too long to respond will exceed the provider's client-side timeout. Often, setting the Timeout property to a higher value will avoid a connection error. Another option is to disable the timeout by setting the property to 0. Setting Verbosity to 2 will show where the time is being spent.
- The certificate presented by the server cannot be validated: This error indicates that the provider cannot validate the server's certificate through the chain of trust. If you are using a self-signed certificate, there is only one certificate in the chain.
To resolve this error, you must verify yourself that the certificate can be trusted and specify to the provider that you trust the certificate. One way you can specify that you trust a certificate is to add the certificate to the trusted system store; another is to set SSLServerCert.