Actually, my use case is not only on mobile app. I have an erp accounting app, and my client want to connect data between sugarcrm and my erp app. I read a lot of document crmapi and all workflow to access sugarcrm api require me to have username/password in crm of my client. That's not very convenient to ask clients their kind of info everytime getting data in sugar and it 's also not good if sth wrong with that account (they lost password, or expired or sth worse) and i will be blame for that (cause i know their username/password). I wish to have a implicit grant type workflow , so i could simply redirect to sugar login page. SugarCrm will handle the login, ask client the rights for me to access sugar by their account and send back me an authorization code. After that i could easy get access token, access api without risking my client username/password
I made one with microsoft crm, and everything is ok. Next target is sugar crm and now i get stuck :( Hope you could help me this
Our new REST API does not support OAuth 2.0 implicit grant flows.
Our older SOAP API (which still works in Sugar 7.x) does support 3 legged OAuth 1.0. It lacks some of the features of our newer REST API but it allows you to perform CRUD operations on records that trigger workflows, logic hooks, etc.
Because SugarCRM does not support client certificate based authentication, we built a proxy which translates any client certificate to an appropriate login token which SugarCRM can handle.
