My GPT using custom action with OAuth client credentials

Hi, I’m trying to set up a new assistant that uses a custom action to call an external API. The auth must be done through OAuth + client credentials. The problem is that I cannot make client credentials to work. This is what I see:

It gets stuck when trying to do the api call asking for a sign in, but client credentials is user agnostic, it shouldn’t ask for a login. Anyone with a solution for this?
Thanks!

2 Likes

Tried also code authorization and implicit, that are user context based, but the problem is that when I click the “Sign in with…” button, I’m redirected to the external auth app, and I’m not redirected back to the GPT UI once I’m authenticated (I’ve configured the callback URL of the assistant on my external OAuth config)

2 Likes

same exact issue here. hopefully this redirect back to the gpt ui is fixed, otherwise the UX is pretty lack-luster.

2 Likes

Further testing and research. It seems default OAuth type expected by OpenAI is code authorization. This is my action OpenAPI schema (some data is masked):

{
  "openapi": "3.1.0",
  "info": {
    "title": "Platform API",
    "description": "Provides access to operations for managing groups",
    "version": "v1.0.0"
  },
  "servers": [
    {
      "url": "....api......"
    }
  ],
  "paths": {
    "/api/v2/groups/{groupId}": {
      "delete": {
        "description": "Deletes a group identified by the specified group ID",
        "operationId": "DeleteGroup",
        "parameters": [
          {
            "name": "groupId",
            "in": "path",
            "required": true,
            "description": "The unique identifier of the group to delete",
            "schema": {
              "type": "string"
            }
          }
        ],
        "deprecated": false
      }
    }
  },
  "components": {
    "schemas": {},
    "securitySchemes": {
      "OAuth2": {
        "type": "oauth2",
        "flows": {
          "authorizationCode": {
            "authorizationUrl": ".....login....../oauth/authorize",
            "tokenUrl": ".....login....../oauth/token",
            "scopes": {
              "groups": "Allows modification of groups"
            }
          }
        }
      }
    }
  }
}

My Authentication config:

What I see when testing a basic operation that involves a callout to the external API (see next 2 replies)

Any solution? Is there a way to troubleshoot that failure?

image

image

1 Like

Have you set the redirect url to the one provided by OpenAI on the other end?
The url looks like this: https://chat.openai.com/aip/g-xxxxxxxxx/oauth/callback

After you save the GPT with the oauth option enabled, it will show you the callback URL

I’m encountering a similar issue trying to interface with an API from Adobe. In my other applications (incl. Postman), I’m successfully using grant_type client_credentials with the need for an auth URL or login.

If I tried to use an auth URL provided by Adobe, I got the following error:

Does that mean I’m not capable to integrate with that API? Is there no way to modify the security schema to enforce client_credentials as grant_type?

Hello. Was wondering if you were able to figure this out?

I’m experiencing a similar issue with integrating Microsoft Graph API.

I’m able to initialize the test and sign into my Microsoft Account to allow the GPT to connect, but when it does I am redirected back to the GPT with a “Missing Access Token” error. It seems that the redirect is supposed to return an Access Token in the URL or so, but it doesn’t. Been searching forever for some sort of insight.

Just wondering if you or anyone else worked this out? I can create Actions using open/public APIs but I can’t work out authentication for ones which require it. Eg Pinterest API gives client ID, secret code, then also tokens I don’t know what to put where? I have added the callback url from OpenAI as Pinterest redirect URL. Trying different options, but always getting the thing about needing to log in :woman_shrugging:t2: