How to obtain access to WorkSheet Home without following 3-leg OAuth process

Hi.

We are using SmartSheet to store multiple sheets that should be created by one person. This person will share one or more sheets in each of multiple workspaces.

I am writing an application (in C#, hosted on AWS Lambda) that must access each Workspace, and Sheet, and read each Sheet. I am using the official SmartSheet C# SDK.

The application code seems to work when I execute it manually. It can access my Sheets in multiple Workspaces, and I only have a Trial/Free account.

When I attempt to execute the code to access another Workspace/Home, it times-out in the DefaultHttpClient.CreateRestRequest() method call where I am tring to perform a HomeResources.GetHome() request.

Do I need to authorise my application to perform this? (As described here: http://smartsheet-platform.github.io/api-docs/?csharp#oauth-flow)

If so, how? My code is not hosted on a web server - it's not on a web page, so I don't know how it could be authorised by the aforementioned process.

Do I need to do something like described in the following links:

https://deanhume.com/a-simple-guide-to-using-oauth-with-c/

https://stackoverflow.com/questions/4002847/oauth-with-verification-in-net

https://forge.autodesk.com/blog/expanding-net-desktop-apps-cloud-running-sample

Find more posts tagged with

Workspaces

Sheets

API and Developers

Sharing and Collaboration

Government

Security

Integrations

Comments

Dave.Robinson

Ok, so I worked it out.

Firstly, the OAuth process is necessary only if you want to access SmartSheet with a specific user's credentials.

And regarding the OAuth 3 leg authorisation, I followed the example located at the following URL...

https://adndevblog.typepad.com/cloud_and_mobile/2016/10/3-legged-oauth-on-desktop-apps-c-winform.html

... and I was able to get a token.

For my use-case, I worked out that I didn't need the OAuth token.

NOTE: The OAuth token is only valid for 7 days. You are required to refresh the token periodically.

Dave.Robinson

I spoke too soon. My code is timing out again. Investigating whether it is AWS that's the cause. I hope so.

dave-inden

Did you ever get this working? As for the Smartsheet side of things it sounds like you won't need to use the OAuth flow to get your requests made. Instead you can generate an access token from within the account that has the correct access to everything and then set that as an environment variable or put it in a config file of some kind to access it. Then you can set the access token when constructing your Smartsheet client. More info on Access Tokens is in the docs.

Dave.Robinson

Yes, I got it working. As I mentioned in my first (2nd?) post, OAuth is not required for this, and having the Accesstoken works fine.

Using the links I posted I was able to build an OAuth "hack" that allowed me to get access __IF__ I wanted to do things that way. Any OAuth authenticated access is valid for 7 days though. And for me, that would be a challenge.

Sign in to join the conversation!

Quick Links

Trending discussions

linksOutToCells return as null
I've tried using the C# SDK and directly to the API. In both cases the get specifies include=crossSheetReferences when getting the sheet. The Rows are returned and the Cells contain the correct data but in each case the linksOutToCells is null. What am I missing?
Does a view-only user need a license to use the API?
Hello everyone, I will need to use Smartsheet API to ingest data from Smartsheet to an object storage. To do that, my client will create a view only account for me. If I understand correctly, to use the API the account needs to be licensed, so we will need to pay for this "service account". That is correct?
Using Control Center to Track Folder Updates?
Hello, I am unsure of the feasibility of this goal but am hoping someone could provide some insight. Within my organization we have the following structure Workspace → Workspace → Folder. Within this folder we have additional folders that are added through an API integration we have setup. I am hoping we would be able to…